Which of the following is NOT a best practice for separation of duties within the information systems department and between IT and business unit personnel?


Multiple Choice

Explanation:
Separation of duties means spreading key responsibilities across different people or groups so no single person can both cause and approve a potentially harmful action. In the context of server administration, giving the sole responsibility to programmers concentrates highly privileged access in one role, which undermines governance and the ability to detect and prevent improper changes. When admins are separated from development, there are checks and balances: changes to production go through proper change-management processes, and operations teams can monitor and audit activity independently of who wrote the code. This reduces the risk of undetected tampering, accidental misconfiguration, or rushed deployments.

End-user access to production data should be restricted to what their role requires, supporting least privilege. Programmers should not also be the ones testing their own code, creating a separation between development and verification to catch issues a developer might overlook. IT departments should maintain clear boundaries from business units to avoid conflicts of interest and ensure proper governance and oversight.

So the statement that only programmers should be server administrators breaks the separation of duties and is not a best practice.
