Database Reference
In-Depth Information
° If you appropriately segregate duties you will minimize the cost of
fraud. The following screenshot shows an Oracle Balanced Scorecard
implementation with a drill-down on the reduce fraud objective to a
GRC Intelligence report on Segregation of Duties violations:
• Process perspective:
° If you minimize the time between change of job and authorization
changes, you will ensure that least privileges are granted and thus
you will maintain confidentiality
° If you minimize the time between end of employment and revocation
of accounts, you will maintain confidentiality
° If you align security strategy with corporate strategy it will force you
to document you security policies
° If you have minimized the cost of disaster recovery you will maintain
the availability of systems
° If you appropriately harden systems they will be protected against
threats and availability will be maintained
° If you maintain a security awareness program, you will reduce the
number of security issues
• Learning and growth perspective:
° If you recruit credentialed and experienced security professionals,
you will be able to remain current on technical and regulatory issues
and thus keep appropriate security policies documented
° You will need to document appropriate security policies to maintain
a risk awareness program
 
Search WWH ::




Custom Search