Why is segregation of duties in IT important? What are some of the risks to AIS’ and financial reporting you could foresee if there were not proper segregation of duties in the IT function of a company? Did anything in the article jump out at you that is something you know or company (or a company you know of) is not doing? With a small company, how can segregation of duties be applied when there are limited resources?
https://wwvv.sans.eduicyber-researchisecurity-laboratory/articlent-separation-duties
