Too much access or too much authority over a process could allow someone to do something wrong and cover their tracks. SOD keeps everyone in their own lane. This session includes discussion on multiple scenarios that could be a separation of duties violations pulled from the field.
This course is a part of IT Audit Bytes series. The other Segments of this series are:
- IT Audit Bytes - Access Control
- IT Audit Bytes - Backup and Recovery
- IT Audit Bytes - Change Management
- IT Audit Bytes - Cybersecurity
- IT Audit Bytes - Data Loss Prevention
- IT Audit Bytes - Disaster Recovery and BCP
- IT Audit Bytes - IT Control Frameworks/li>
- IT Audit Bytes - Job Monitoring
- IT Audit Bytes - Logging and SEIM
- IT Audit Bytes - Network Security and Detection
- IT Audit Bytes - Password Management
- IT Audit Bytes - Physical Security
- IT Audit Bytes - Provisioning and Deprovisioning
- IT Audit Bytes - SDLC Controls
- IT Audit Bytes - Security Awareness Training
- IT Audit Bytes - Separation of Duties Controls
- IT Audit Bytes - SOC Reports
- IT Audit Bytes - Strategy and Governance
- IT Audit Bytes - Third-Party IT Risk Management (TPRM)
Prerequisites
No advanced preparation or prerequisites are required for this course.
Learning Objective
- Identify key elements of separation of duties controls.
- Discover and differentiate scenarios that could be possible SOD violations.
- Recognize tricky situations with system admins and SOD.
Last updated/reviewed: March 05, 2025
(0) Reviews
(0 rating)Lesson Questions and Answers0 Questions
There are no questions.
Answers to Frequently Asked Questions (FAQs)
Toby DeRoche
Owner
INTRODUCTION AND OVERVIEW
CONTINUOUS PLAY
SUPPORTING MATERIAL
- Slides: IT Audit Bytes - Separation of Duties Controls PDF
- IT Audit Bytes - Separation of Duties Controls Glossary PDF
REVIEW & TEST
- REVIEW QUESTIONS quiz
- FINAL EXAM exam
Ask the instructor a question about this lesson