Security Basics mailing list archives
Segregation of Duties related
From: Faheem SIDDIQUI <fahimdxb () gmail com>
Date: Sun, 26 Nov 2006 22:30:05 +0400
I am preparing a "Segregation fo Duties` Matrix within my IS function (Is there a better way to hit it?)
I found a very basic chart at ISACA website: ( Linked Below...)According to this chart, some of the things in the Control Matrix are obvious but some aren`t so.
A few that I am having difficulty understanding are: For example, A database admin can be a 'Tape Librarian' but Network/Systems admin create a control weakness on this job function and so does a Security Admin. Why?
-> Also, DBA can be a systems analyst but cannot be an application programmer. -> A Network or a System Administrator, cannot be a Help Desk Support manager.
I was wondering, what are the potential control weaknesses here?? The information I am referring to can be found at: http://www.isaca.org/Content/ContentGroups/Certification3/CRM_Segregation_of_Duties.pdf
Current thread:
- files containing web llinks mr . nasty (Nov 20)
- Re: files containing web llinks pdp (architect) (Nov 24)
- Re: files containing web llinks Jeffrey F. Bloss (Nov 27)
- Segregation of Duties related Faheem SIDDIQUI (Nov 27)
- <Possible follow-ups>
- Re: files containing web llinks mr . nasty (Nov 21)
- Re: files containing web llinks Jeffrey F. Bloss (Nov 22)
- RE: files containing web llinks David Gillett (Nov 23)
- Re: files containing web llinks Jeffrey F. Bloss (Nov 23)
- Re: files containing web llinks Jeffrey F. Bloss (Nov 22)
- Re: files containing web llinks pdp (architect) (Nov 24)
- Re: Re: files containing web llinks krymson (Nov 23)
- RE: files containing web llinks Laundrup, Jens (Nov 23)