Karen is designing a process for issuing checks and decides that one group of users will have the authority to create new payees in the system while a separate group of users will have the authority to issue checks to those payees. The intent of this control is to prevent fraud. Which principle is Karen enforcing?
A. Job rotation
B. Least privilege
C. Need-to-know
D. Separation of duties
The correct answer is D. Separation of duties.
This type of control is used to prevent fraud. If a main activity is performed by all the users, there is a great chance of leaking confidential information, which could lead to a loss for the organization.
If an activity is separated into multiple tasks that are performed by different groups of users, then the work will be performed more efficiently. This process is called separation of duties.
Hence, the correct choice is separation of duties.