Certified Information Security Manager (CISM) — Question 976
A financial institution has identified a high risk of fraud within its credit department. Which of the following information security controls will BEST reduce the risk of fraud?
Answer options
- A. Mandatory time off
- B. Segregation of duties
- C. Acceptable use policy
- D. Periodic risk assessments
Correct answer: B
Explanation
Segregation of duties is crucial in reducing fraud risk because it ensures that no single individual has control over all aspects of a financial transaction. This makes it harder for fraud to occur, since multiple people are required to complete a process. The other options, while useful, do not address fraud as directly or as effectively as segregation of duties.