Why should duties be segregated?
How can management determine if duties are properly segregated?
What if management has inadequate staff to properly segregate all duties?
Find and share an example (news article online) where separation of duties would have prevented an insider threat from exploiting a system. Describe how you would have prevented this incident.
REF: link https://www.sans.edu/cyber-research/security-laboratory/article/it-separation-duties