Rotation and Separation of Duties

Purpose

To define required separation and rotation of duties to minimize the risk of fraud.

Scope

University of Houston data processing employees and users of sensitive data.

Guidelines
  1. Programming and operations functions must be performed by different individuals.
  2. There should be cross training of operations staff to provide depth and backup, and to reduce individual dependence.
  3. Any exception to the separation-of-duties guidelines below for the listed groups of employees should be documented and reviewed periodically for justification and risk analysis purposes:
Programmers:
  • Programmers should not execute jobs in a production mode.
  • Programmers should not control any transfers between programmer development libraries and production libraries.
  • Programmers should/may not have update capability within any production application.
Operators:
  • Operators should not have the ability to make changes to production application or system software libraries.
  • Operators should not perform balancing activities, except those necessary for run-to-run controls.
  • Operators should not have the ability to make changes to job control language (JCL) of scheduled jobs without proper notification and authorization.
  • Operators should execute only those jobs/programs scheduled through the established procedures.
  • Operators should not execute (outside of standard production processing) data or software-modifying system utilities without proper authorization and dual control.
  • Operators should not override internal tape labels without supervisory approval.
Users:
  • Data entry personnel should not prepare source documents for input.
  • Someone other than the input operator should verify all data input, unless it is verified programmatically.
  • The same person should not perform input and output duties.
  • The same person should not post and balance general ledger and other sensitive entries.
  • The person who prepared the original transaction should not review rejects or non-reads for reentry.
  • Master file and other sensitive transaction changes should be under dual control.