CompTIA Security Plus Mock Test Q471

Joe is the accounts payable agent for ABC Company. Joe has been performing the accounts payable function for ABC Company without any supervision. Management has noticed that several new accounts without billing invoices were paid. Which of the following is the BEST management option for review of the new accounts?

A. Mandatory vacation
B. Job rotation
C. Separation of duties
D. Replacement


Correct Answer: A
Section: Compliance and Operational Security

Explanation:
A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacations give the employee a chance to refresh, but they also give the company a chance to make sure that others can fill in any gaps in skills, and they satisfy the need to have replication or duplication at all levels. Mandatory vacations also provide an opportunity to discover fraud. In this case, mandatory vacations can allow the company to review all the new accounts.

Incorrect Answers:
B: A job rotation policy defines intervals at which employees must rotate through positions.
C: A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization. Much like job rotation, it will not prevent two employees with legitimate access to information from working together to steal information.
D: Replacement of staff is not the best option to review the new accounts.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 25