IT Examiner School, Seaside, CA
Separation of Duties
Principal concept of separation of duties?
Potential control mechanisms includes: • Principle of least privilege
• Rotation of duties
• Independent review
• Dual review
Training
• Must include ALL employees of the institution. • Must be conducted annually. • The institution should collect signed acknowledgments of the employee acceptable use policy.
Made with FlippingBook - Online catalogs