Job rotation will DETECT Seperation of duties will PREVENT

choose d 2024-20-2 On Test and passed with 802

D. Job Rotation This is from the Mike Myers’s Sec+ (601) Cert Guide book: “Job rotation involves periodically switching people around to work in different positions. This practice enables different people to become proficient in a variety of job roles so that the organization doesn’t have to depend solely on one person to perform certain critical function or tasks”…(HERE’S THE IMPORTANT PART)…”When people become too comfortable with a job, they might believe that they can get away with performing actions they are not authorized to perform. Rotating people into different positions increases the potential to detect fraud or misuse in that position and can discourage or prevent nefarious activities.”

passed exam today on 19.01.2024.... This question is on the exam but worded differently at the end. Mentions something about workers not being in the same location or something like that. The way it was written on the exam made answer C stand apart as the obvious answer.

D. Job rotation Separation of duties - PREVENTS fraud Job rotation - DETECTS fraud

the answer is 100% B. Mandatory vacations: This policy requires employees to take vacations, which can help detect fraudulent activities and ensure that no one person is indispensable.

Another useful policy is to always require vacations. This means that people would need to leave their job and go on vacation for a certain amount of time. And usually when someone is on vacation, someone else is brought in to cover that person’s responsibilities. This is an opportunity for that person to make sure that everything is performing as expected, and it would limit the ability of any one person to commit a type of fraud. This is not a commonly seen business policy, but it’s one that you might run into if you work in a very high secure environment. https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/personnel-security/

job rotation can both detect and prevent fraud, while separation of duties primarily serves as a preventive measure. Both practices are important components of an effective internal control system aimed at mitigating the risk of fraud within an organization.

Two-person control, least privilege, and separation of duties are all designed to deter and prevent fraud from occurring in the first place. None of which would meet Wanda's objective. Of the controls listed, only job rotation serves to detect fraud that has already taken place. So, this is the correct answer.

Separation of duties

The question aske for "detecting" fraud, not "preventing". SoD prevents, while Job Rotation detects.

Separation of duties is a security principle that involves distributing tasks and responsibilities among multiple individuals or systems to prevent any single entity from having complete control over a process.

D is correct answer.

Separation of Duties (SoD): This practice involves dividing critical tasks among different employees to prevent any single individual from having complete control over a process. SoD is generally considered a more effective way to detect and prevent fraud compared to other methods. By assigning different roles to employees, it becomes harder for any one person to manipulate or conceal fraudulent activities.

choose D.

My bad. the answer is D "job rotation" . Detective : deployed to discover unwanted or unauthorized activity. Often are after-the-fact controls rather than real-time controls. For example : job rotation, mandatory vacations.... etc..

By Chat GPT, "Separation of Duties (SoD) is generally considered a more effective way to detect and prevent fraud compared to job rotation."