Separation of Duties Policy
Subscriber Content
Sample Procedures for Implementing and Maintaining Separation of Duties for Information Systems
This sample policy outlines the standards for applying separation of duties to protect a company’s information assets.
In this sample, information systems security administration should be based on the principle of separation of duties. This policy applies to all information systems administrators, including all platforms, LAN, client/server and email administrators. All company information security policies will be created, maintained and reviewed in accordance with the enterprise information security policy. This document addresses the acceptable practices with regard to planning, managing and implementing a company’s physical security.