II.C.7(c) Segregation of Duties
Segregation of duties, that is, job designs that require more than one person to complete critical or sensitive tasks, can help mitigate risk. Employees and third parties with access to sensitive resources could cause substantial damage and loss. System administrators, for instance, hold the most powerful role in the user access process and typically have unrestricted access to an institution's information assets and technology. Given this extensive access, management should evaluate the process for determining which individuals are granted system administrator privileges, and such access should be monitored for unauthorized or inappropriate activity. Management should also incorporate independent reviews or approvals for individuals who perform multiple functions, to minimize the potential for fraud, irregularities, and errors. Examples of segregation of duties include the following:
- Independent monitoring of the activities performed by users with increased privileges (e.g., system administrators and super users; the super user is the special account used for system administration and, depending on the operating system, may be named root, administrator, admin, or supervisor).
- Distribution of system administration activities so that no single administrator can conceal his or her activities or control an entire system.
- Additional levels of approval as the criticality and sensitivity of decisions increase.
If an activity is conducted without appropriate segregation of duties, management should require an independent review (e.g., audit) of that activity.
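The three controls above (independent monitoring of privileged users, no single administrator acting alone, and more approvers as sensitivity rises) together with the after-the-fact review required when an activity bypassed segregation can be expressed as a small dual-control gate. The following is an added example written for this page, not text or code from the handbook: the sensitivity tiers, the number of approvers per tier, the record fields, and the hypothetical requests and names are all assumptions chosen for illustration.

```python
"""Dual-control gate for privileged administrative actions (added example).

Enforces that a privileged action is approved by people other than the
requester, that the number of independent approvers rises with sensitivity,
and that every execution lands in an append-only trail an independent
reviewer can scan for segregation-of-duties exceptions. Tiers, approver
counts and record fields are assumptions, not handbook requirements.
"""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Dict, List


class Sensitivity(IntEnum):
    LOW = 1        # e.g. read-only diagnostics (assumed tier)
    HIGH = 2       # e.g. changing a user's privileges (assumed tier)
    CRITICAL = 3   # e.g. altering audit logging or firewall rules (assumed tier)


# Assumed policy: independent approvals required before execution.
REQUIRED_APPROVALS: Dict[Sensitivity, int] = {
    Sensitivity.LOW: 0,
    Sensitivity.HIGH: 1,
    Sensitivity.CRITICAL: 2,
}


class SegregationError(Exception):
    """Raised when an action would violate the dual-control policy."""


@dataclass
class PrivilegedRequest:
    request_id: str
    requester: str
    action: str
    sensitivity: Sensitivity
    approvers: List[str] = field(default_factory=list)


def approve(req: PrivilegedRequest, approver: str) -> None:
    """Record an approval, rejecting self-approval and repeat approvals."""
    if approver == req.requester:
        raise SegregationError(
            f"{approver} cannot approve their own request {req.request_id}")
    if approver in req.approvers:
        raise SegregationError(f"{approver} already approved {req.request_id}")
    req.approvers.append(approver)


def is_authorized(req: PrivilegedRequest) -> bool:
    """True once enough distinct, non-requester approvals are on file."""
    return len(req.approvers) >= REQUIRED_APPROVALS[req.sensitivity]


def execute(req: PrivilegedRequest, audit_trail: List[dict]) -> dict:
    """Gate execution on the approval policy and append a record to the trail.

    audit_trail stands in for a write-once log on a host the administrators
    do not control; the record is what the independent reviewer later sees.
    """
    if not is_authorized(req):
        raise SegregationError(
            f"{req.request_id} needs {REQUIRED_APPROVALS[req.sensitivity]} "
            f"approval(s), has {len(req.approvers)}")
    record = {
        "request_id": req.request_id,
        "actor": req.requester,
        "action": req.action,
        "sensitivity": int(req.sensitivity),
        "approvers": list(req.approvers),
    }
    audit_trail.append(record)
    return record


def find_sod_exceptions(audit_trail: List[dict]) -> List[str]:
    """Independent review pass over the trail.

    Flags any record that reached the log without the required number of
    distinct approvers, or in which the actor appears among the approvers.
    Such entries come from paths that skipped execute() (an emergency change,
    a direct console session) and are exactly the activities for which
    management should require an independent review.
    """
    flagged = []
    for rec in audit_trail:
        needed = REQUIRED_APPROVALS[Sensitivity(rec["sensitivity"])]
        approvers = set(rec["approvers"])
        if rec["actor"] in approvers or len(approvers) < needed:
            flagged.append(rec["request_id"])
    return flagged
```

In practice the trail would be shipped to a log host that the administrators being monitored cannot write to or delete from, and `find_sod_exceptions` would run from that host under a reviewer's account; keeping the review code and the log outside the administrators' control is what makes the monitoring independent.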