Segregation of Duties
Not what you're looking for?
1)What is the objective of segregation of duties and what are two key aspects of it?
Segregation of Duties (SOD) is used to heighten security within internal controls. SOD's main objective is to reduce malicious activity that may occur as a result of human error or in the event that someone tries to cover up a technological mishap that may occur as a result of hacking, etc. The focal point of SOD is to ensure that one person is not the only one who has access to internal controls. According to Gregory Spafford (2006) "an individual should not be able to perform a transaction and delete all the logs" (Spafford, 2006) or information pertaining to that transaction in an effort to erase his/her steps so the transaction cannot be traced. SOD places limitations on what organizations can do and is most frequently used in audits and/or security reviews.
Reference
Spafford, G. (2006) Segregate Duties to Lessen Security Risks. Retrieved February 22, 2011 from http://itmanagement.earthweb.com/columns/article.php/3578216/Segregate-Duties-to-Lessen-Security-Risks.htm
2)What is control risk? Describe the steps involved in the process of assessing control risk.
Control Risk is the probability that an organizations' internal control effectiveness could depreciate over a length of time. In essence, control risk is a mitigation technique that most organizations should employ in order to identify and rectify potential risk and work towards an alleviation or preventative strategy.
Steps of Assessment
? Identify potential risks that may negatively affect the overall functionality of a project or operation.
? Decide what entity will be greatly impacted by the risk-once a manager can pinpoint who will be affected he/she can begin the process of further evaluation and strategy implementation.
? Evaluate the risk-Once the risks is properly assessed, a manager can apply the right prevention method for the potential risk.
? Determine a mitigation strategy of prevention.
? Maintain a record of key findings based on your observations.
? Review assessments and make the necessary recommendations.
Reference
HSE (2003) Five Steps to Risk Assessment: Five Steps to Risk Assessment Aims to Help Assess Health and Safety Risks. Retrieved February 22, 2011 from http://www.hse.gov.uk/risk/fivesteps.htm
Purchase this Solution
Solution Summary
1)What is the objective of segregation of duties and what are two key aspects of it?
Segregation of Duties (SOD) is used to heighten security within internal controls. SOD's main objective is to reduce malicious activity that may occur as a result of human error or in the event that someone tries to cover up a technological mishap that may occur as a result of hacking, etc. The focal point of SOD is to ensure that one person is not the only one who has access to internal controls. According to Gregory Spafford (2006) "an individual should not be able to perform a transaction and delete all the logs" (Spafford, 2006) or information pertaining to that transaction in an effort to erase his/her steps so the transaction cannot be traced. SOD places limitations on what organizations can do and is most frequently used in audits and/or security reviews.
Reference
Spafford, G. (2006) Segregate Duties to Lessen Security Risks. Retrieved February 22, 2011 from http://itmanagement.earthweb.com/columns/article.php/3578216/Segregate-Duties-to-Lessen-Security-Risks.htm
2)What is control risk? Describe the steps involved in the process of assessing control risk.
Control Risk is the probability that an organizations' internal control effectiveness could depreciate over a length of time. In essence, control risk is a mitigation technique that most organizations should employ in order to identify and rectify potential risk and work towards an alleviation or preventative strategy.
Solution Preview
1)What is the objective of segregation of duties and what are two key aspects of it?
Segregation of Duties (SOD) is used to heighten security within internal controls. SOD's main objective is to reduce malicious activity that may occur as a result of human error or in the event that someone tries to cover up a technological mishap that may occur as a result of hacking, etc. The focal point of SOD is to ensure that one person is not the only one who has access to internal controls. According to Gregory Spafford (2006) "an individual should not be able to perform a transaction and delete all the logs" (Spafford, 2006) or information pertaining to that transaction in an effort to erase his/her steps so the transaction cannot be traced. SOD places limitations on what organizations can do and is most frequently used in audits and/or security reviews.
Reference
Spafford, G. (2006) Segregate Duties to Lessen Security Risks. Retrieved February 22, 2011 from ...
Purchase this Solution
Free BrainMass Quizzes
Understanding the Accounting Equation
These 10 questions help a new student of accounting to understand the basic premise of accounting and how it is applied to the business world.
Business Ethics Awareness Strategy
This quiz is designed to assess your current ability for determining the characteristics of ethical behavior. It is essential that leaders, managers, and employees are able to distinguish between positive and negative ethical behavior. The quicker you assess a person's ethical tendency, the awareness empowers you to develop a strategy on how to interact with them.
Cost Concepts: Analyzing Costs in Managerial Accounting
This quiz gives students the opportunity to assess their knowledge of cost concepts used in managerial accounting such as opportunity costs, marginal costs, relevant costs and the benefits and relationships that derive from them.
Managing the Older Worker
This quiz will let you know some of the basics of dealing with older workers. This is increasingly important for managers and human resource workers as many countries are facing an increase in older people in the workforce
Lean your Process
This quiz will help you understand the basic concepts of Lean.