CompTIA CySA+ (CS0-002) — Question 129
An organizational policy requires one person to input accounts payable and another to do accounts receivable. A separate control requires one person to write a check and another person to sign all checks greater than $5,000 and to get an additional signature for checks greater than $10,000. Which of the following controls has the organization implemented?
Answer options
- A. Segregation of duties
- B. Job rotation
- C. Non-repudiation
- D. Dual control
Correct answer: A
Explanation
The correct answer is Segregation of duties, as it ensures that no single individual has control over multiple stages of financial transactions, reducing the risk of fraud. Job rotation is not applicable here since the roles are fixed; non-repudiation refers to the assurance that someone cannot deny the validity of their signature; and dual control involves having two individuals oversee a single process, which is not the primary focus in this scenario.