Separation of Duties with one person ISSO

Separation of duties (SoD) is an important security best practice in which an organization assigns very important tasks to different roles. For example, a system administrator should not also hold the role of an auditor. The roles are separated because of a conflict of interest: a system administrator auditing their own system cannot be completely objective when performing the assessment.
