Quiz Entry - updated: 2026.07.05
What is segregation of duties and why is it important for access control?
Split a sensitive task across separate people/roles so no single person can complete it alone (e.g. one creates a payment, another approves it) — this curbs both honest mistakes and fraud, since fraud now needs collusion.
Segregation of Duties = Separating control between different roles/people
Examples:
- Production vs. Developer access - Developers shouldn't have production database access
- Within application - Person who creates payment ≠ person who approves it
Benefits - Reduces risk of:
- Errors - Multiple people catch mistakes
- Fraud - Collusion required to commit fraud
Implementation:
- Define clear role boundaries
- Implement approval workflows
- Review and audit regularly
Example in banking:
- Teller can initiate transfer
- Manager must approve transfers over $10,000
- Auditor reviews all transactions
- No single person can complete large transfers alone
Go deeper:
Separation of duties (Wikipedia) — the control principle and its use across finance, IT operations, and security.