SECURITY POLICY & STANDARTS

A fundamental component of internal control is the separation of duties for high-risk transactions. The underlying separation of duties concept is that no individual should be able to execute a high-risk transaction, conceal errors, or commit fraud in the normal course of their duties.

You can apply separation of duties at either a transactional or an organizational level. For example, payroll has access to employee financial records, but only payroll managers can approve raises.

Answer the following question(s):

  1. How do you define a high-risk transaction?
  2. If you were a security professional in a company, what are four roles (two sets of two related roles) you would separate and why?

NEED A CUSTOMIZED PAPER ON THE ABOVE DETAILS?

Submit your order now!