You are the director of IT audit for a small but growing fintech organization. The new VP of operations is concerned that risks are not being managed appropriately within the department. He provides you with the current alignment between activities and risks and asks you to review them and ensure that items are aligned correctly. For each of the following control activities, select the type of risk it mitigates.

Risks:

$$ Inadequate segregation of duties

$$ Unauthorized physical access

$$ Unauthorized logical access

Control activities:

Type of Risk

$1.$

Only the warehouse manager can unlock the main door.

select a type of risk

$2.$

Software programmers cannot write the code and implement that code within the production environment.

select a type of risk

$3.$

All guests must check in with security personnel at the front desk.

select a type of risk

$4.$

Tiered access is based on job function.

select a type of risk

$5.$

Only employees with Level $4$ badges may enter the data center.

select a type of risk

$6.$

The same personnel should not prepare bank deposits and verify cash receipts.

select a type of risk

$7.$

Accounts payable clerks may not process payments for invoices.

select a type of risk

$8.$

Users must authenticate to join the wireless network.

select a type of risk

$9.$

All passwords must have at least $10$ characters and must be changed every $60$ days.

select a type of risk