- What is segregation of duties and why is it a commonly used control? Give an example of two (e.g. IT) roles that should be segregated?
- Security in an ERP system (e.g. SAP) is complex. What is the most fuzzy, difficult to understand component? Explain
- What key (1-2) competencies does the person responsible in a company for security (e.g. for a given process) need to have to be successful? Why?
- All companies are dynamic entities with employees and others using systems coming and going all the time. What best practices have you experienced or would you recommend for managing system users and their related security access?
Leave a Reply