3½-page policy on division (or segregation) of responsibilities (and duties).
Responsibilities and rôles relating to vital procedural control points within critical business processes should be divided or segregated between multiple individuals in order to reduce the possibility of fraud or data entry errors. For example, it should be difficult if not impossible for one person to both submit and authorize a funds transfer or payment transaction, or change a supplier's bank account number.
Delivered as an editable MS Word document, easily customized for your organization's specific needs.
Division of responsibilities policy
Template policy on division of responsibilities
See also the policies on:
- Information governance
- Information ownership
- Information risk management
- IT systems development and acquisition
- IT systems implementation
- Change and configuration management
- Access control
- Cloud computing
- Contractors and consultants
- IT audit