Which control ensures responsibilities are divided to reduce fraud risk in IAM?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Certified Identity and Access Manager Exam using flashcards and multiple-choice questions. Gain insights into the exam format, practice with real-world scenarios, and ensure your success in becoming a certified professional.

Multiple Choice

Which control ensures responsibilities are divided to reduce fraud risk in IAM?

Explanation:
Segregation of duties is the control that splits responsibilities across different people or roles to prevent fraud and errors in IAM processes. By ensuring that no single user can complete all steps of a critical task, you create checks and balances. In practice, duties are divided among those who request or obtain access, those who approve access, and those who audit or monitor activity. This means that fraudulent actions typically require more than one person and leave an audit trail, making it harder to conceal wrongdoing. Other controls address separate needs: periodic access reviews validate existing rights, a centralized repository provides a single source of identity data, and metrics/indicators help detect unusual activity—none by themselves enforce the essential division of responsibilities.

Segregation of duties is the control that splits responsibilities across different people or roles to prevent fraud and errors in IAM processes. By ensuring that no single user can complete all steps of a critical task, you create checks and balances. In practice, duties are divided among those who request or obtain access, those who approve access, and those who audit or monitor activity. This means that fraudulent actions typically require more than one person and leave an audit trail, making it harder to conceal wrongdoing. Other controls address separate needs: periodic access reviews validate existing rights, a centralized repository provides a single source of identity data, and metrics/indicators help detect unusual activity—none by themselves enforce the essential division of responsibilities.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy