I. Describe the term separation of duties and why it is important in reducing the risk an

Question:

I. Describe the term separation of duties and why it is important in reducing the risk an organization takes on when limiting the chance an employee will violate information security and break the confidentiality, integrity, or availability of information.
II. Compare and contrast separation of duties with two-person control and how they are similar but uniquely different in their approaches.
III. Evaluate the use of job/task rotations and the application of mandatory vacations as additional measures to protect an organization’s information security systems and data.
IV. Recognize the concept of garden leave and why it is important to have the time break in place after someone departs the company and when they join a new organization that is potentially in the similar industry or field.
V. Establish that the principles of need to know or least privilege and why they are important to have in place in an organization. Here, employees only have access to information that they need relative to their position. Stress to students that the purpose of information security is to allow people who need to use system information to do so without being concerned about its confidentiality, integrity, and availability.

Fantastic news! We've Found the answer you've been seeking!

Step by Step Answer:

Related Book For  book-img-for-question

Principles Of Information Security

ISBN: 9780357506431

7th Edition

Authors: Michael E. Whitman, Herbert J. Mattord

Question Posted: