Watch this video:
Read the following:
- Kyriazodoglou, IT Strategic and Operational Controls,Chapter 2
- “What Every IT Auditor Should Know About Proper Segregation of Incompatible IT Activities” http://www.isaca.org/Journal/archives/2012/Volume-6/Pages/What-Every-IT-Auditor-Should-Know-About-Proper-Segregation-of-Incompatible-IT-Activities.aspx
- COBIT 5: Enabling Processes: APO06 & APO07 https://drive.google.com/a/temple.edu/file/d/0B8S2SZTC04ViYVRpUWxTczU4RXM/view?usp=sharing
Consider the Your Neighborhood Grocer case.
https://drive.google.com/a/temple.edu/file/d/0B8S2SZTC04ViRkR4SEs0bUgxdWM/view?usp=sharing