Network Security: Detailed info on Segregation of Duties related

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Segregation of Duties related

from [Faheem SIDDIQUI] Network Security

[Permanent Link]

Subject:	Segregation of Duties related
Date:	Sun, 26 Nov 2006 22:30:05 +0400

I am preparing a "Segregation fo Duties` Matrix within my IS function (Is there a better way to hit it?)

I found a very basic chart at ISACA website: ( Linked Below...)

According to this chart, some of the things in the Control Matrix are obvious but some aren`t so.

A few that I am having difficulty understanding are: For example, A database admin can be a 'Tape Librarian' but Network/Systems admin create a control weakness on this job function and so does a Security Admin. Why?

-> Also, DBA can be a systems analyst but cannot be an application programmer. -> A Network or a System Administrator, cannot be a Help Desk Support manager.

I was wondering, what are the potential control weaknesses here??
The information I am referring to can be found at:

http://www.isaca.org/Content/ContentGroups/Certification3/CRM_Segregation_of_Duties.pdf

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
files containing web llinks, mr . nasty Re: files containing web llinks, pdp (architect) Re: files containing web llinks, Jeffrey F. Bloss Segregation of Duties related, Faheem SIDDIQUI <= Re: files containing web llinks, mr . nasty Re: files containing web llinks, Jeffrey F. Bloss RE: files containing web llinks, David Gillett Re: files containing web llinks, Jeffrey F. Bloss Re: Re: files containing web llinks, krymson RE: files containing web llinks, Laundrup, Jens

Previous by Date:	online searchable exploit code database?, Florian Rommel
Next by Date:	Re: Reverse Proxy, Saqib Ali
Previous by Thread:	Re: files containing web llinks, Jeffrey F. Bloss
Next by Thread:	Re: files containing web llinks, mr . nasty
Indexes:	[Date] [Thread] [Top] [All Lists]