What is separation of duties and how is separation of duties (SOD) principle important in information security?
Separation of duties (SoD) is an information security principle that requires two or more entities to operate in a coordinated manner to perform critical and sensitive tasks. SoD is employed to protect organizational assets against fraudulent acts. Because decomposing a process into multiple separate procedures performed by different people forces the malicious actor to collude with multiple insiders to compromise the system or data of the organization. Furthermore, information security controls that demands the involvement of two or more individuals are more secure, dependable and less susceptible to failure than those that are performed by a single individual. Moreover, SoD ensures that no single individual has a total control over a sensitive and critical system or function in the organization.