Separation of Duties for MODERATE level Information Systems

1.0 Purpose

This document describes the Separation of Duties requirement for MODERATE level Information Systems.

2.0 Scope

These requirements apply only to those Information Systems categorized as MODERATE risk in the context of FIPS Publication 199.

3.0 Background

Separation of Duties (SoD, sometimes referred to as "Segregation of Duties") is an attempt to ensure that no single individual has the capability of executing a particular task or set of tasks on their own. This is a concept familiar to those in the financial industry, where, for example, staff who enter accounts payable invoices into the system are not allowed to approve them as well.

At BNL, the purpose of this requirement is to ensure accountability and to limit the ability of individuals to negatively impact the Confidentiality, Integrity, or Availability of the particular Information System. It is understood that different Information Systems will have different requirements (Confidentiality will be more pertinent in the Protected Core than in the Perimeter, for example).

4.0 Policy

System Owners must identify the relevant IT roles for their Information Systems. Once identified, SoD must be implemented such that critical/operational IT functions are separated into distinct jobs to prevent a single person from harming a development or operational system or the services it provides, whether by an accidental act, omission, or intentional act.

The roles identified (and implementation of SoD) must be listed in the particular Information System's security plan.

5.0 Enforcement

Management responsible for the secure operation of the Information System is held accountable for implementing SoD to mitigate the risks.