A strategy that helps reduce fraud and error by assigning two or more parts of a transaction to separate individuals. For example, the same person should not be able to enter an invoice and then approve its payment.
Why is it important?
Separation of duties (SoD), also known as segregation of duties, prevents the same person from performing two or more parts of a transaction that would be susceptible to error or fraud if performed by one person. Fraud perpetrated through the lack of internal controls can lead to the loss of money, reputation, and market share, and it risks fines from regulators and, perhaps ultimately, the shutdown of the organization.
Why does a business professional need to know this?
A business professional needs to understand availability because it constitutes one leg of the confidentiality, integrity, availability (CIA) security triad, which is the foundation of secure information in cybersecurity.
Your efforts to secure your systems and data mean nothing if that data is not available to authorized users (individuals or other systems). Availability can be compromised by malicious individuals or by accident in many ways, including the following:
While these practices are not inexpensive, consider the loss in sales and productivity if your systems and data were to become unavailable for an extended period of time.
About Michael Moorman
Michael Moorman has been a full-time faculty member at Saint Leo University for 27 years, teaching computer information systems, computer science, and cybersecurity courses. He is a member of the IEEE Computer Society, a senior member of the ACM, and a Certified Information Systems Security Professional (CISSP). Prior to earning his doctorate and becoming a professor, he served in the US Air Force as a pilot and engineer.
An assurance that information remains unaltered from its intended state as it is produced, transmitted, stored, and received. Ensuring integrity may include ensuring the non-repudiation and authenticity of information as well.