Question
Your firm has just expanded its operations and started a new software development centre. The managing director of new centre is well known in industry,
Your firm has just expanded its operations and started a new software development centre.
The managing director of new centre is well known in industry, however, he is also bit
conventional when it comes to separation of duties and implementing controls. One day he
was addressing staff in a monthly meeting and outlined that they would only implement
biometric controls as it would deter unauthorised access. Managing director also said that he
was proud that their programmers were competent to develop programming codes and
manage data resources of organisation at the same time. However, as someone who has
worked at another large company in implementing security features and control systems, you
do not agree with his statement especially biometric controls for access and segregation of
duties. Evaluate this situation and read relevant course materials (lecture, tutorial, and book
chapter). Actual questions will be asked during assessment.
Questions:
Managing director's statement had two issues. Reliance on biometric controls alone and segregation of duties.
(a) What are the faults in the director's statement?
(b) Can the organisation rely on biometric controls alone?
(c) How can separation of duties be applied in the information systems area?
(d) What are the critical functions that should be separated?
(e) What are the risks if these functions are not separated?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started