What security management principle is John violating?

John does systems maintenance for his department and is also responsible for performing the operational security audit once a year. What security management principle is John violating?

John does systems maintenance for his department and is also responsible for performing the operational security audit once a year. What security management principle is John violating?

A.
Operational integrity

B.
Collusion

C.
Separation of duties

D.
Nondisclosure

Explanation:
Since John was responsible for doing the work on the system, John
should not also be the person to assess the quality of the work. This represents a
violation of the principle of separation of duties. No worker should be allowed to
check his own work. Collusion refers to the extra effort that a dishonest person
would have to take to accomplish a malicious task because separation of duties was
in place. Operational integrity is a term generally applied to operational processes
and doesnt apply to this case. Nondisclosure is a requirement not to share
sensitive information with persons not authorized to receive it.



Leave a Reply 0

Your email address will not be published. Required fields are marked *