separation of duties
kohustuste lahusus
olemus
tööprotsessi sammude jaotamine inimestele nii, et toimingu kontrollija või sanktsioneerija ei oleks selle toimingu sooritaja; on põhiline korraldusmeede, mis välistab ja avastab vigu ja korratusi ning takistab avastamatuid pettusi ja kahjurkoodi sisestust
= allocating work process steps to people so that the person checking or sanctioning an action is not the person performing the action; it is a key organizational measure that excludes and detects errors and irregularities and prevents undetected fraud and malicious code entry
ISO/IEC 2382:
vastutuse jaotamine tundliku informatsiooni eest, nii et üksinda tegutsev isik saab rikkuda ainult andmetöötlussüsteemi piiratud osa turvalisust
= dividing responsibility for sensitive information so that an individual acting alone can compromise the security of only a limited portion of a data processing system
ülevaateid
https://www.techtarget.com/whatis/definition/segregation-of-duties-SoD
https://en.wikipedia.org/wiki/Separation_of_duties
https://www.wallstreetmojo.com/separation-of-duties/
https://link.springer.com/content/pdf/10.1007/0-306-46998-7_14.pdf
http://people.inf.ethz.ch/basin/pubs/asiaccs11.pdf
https://www.veeam.com/blog/separation-of-duties-cybersecurity.html
näiteid
https://www.cms.gov/Research-Statistics-Data-and-Systems/CMS-Information-Technology/CIO-Directives-and-Policies/Downloads/POLICY_DL_SeparationOfDuties.pdf
http://www.diva-portal.org/smash/get/diva2:832009/FULLTEXT01.pdf