Statements (30)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:security_principle |
| gptkbp:alsoKnownAs | segregation of duties; SoD |
| gptkbp:appliesTo | accounting; business management; information security |
| gptkbp:consequence | increased risk of error; increased risk of fraud; regulatory non-compliance |
| gptkbp:example | separating authorization and payment functions; separating development and operations in IT; separating record keeping and asset custody |
| gptkbp:involves | assigning tasks to different people; dividing responsibilities |
| gptkbp:prevention | single person having full control over critical process |
| gptkbp:purpose | increase internal control; reduce risk of error; reduce risk of fraud |
| gptkbp:recommendation | gptkb:ISO/IEC_27001; gptkb:Sarbanes-Oxley_Act; gptkb:COBIT_framework |
| gptkbp:relatedTo | risk management; internal controls; least privilege |
| gptkbp:usedIn | corporate governance; IT security; financial auditing |
| gptkbp:bfsParent | gptkb:Access_Control_(AC) |
| gptkbp:bfsLayer | 7 |
| https://www.w3.org/2000/01/rdf-schema#label | Separation of Duties |