Separation of Duties - Computer Definition
This principle prevents any part of the computer system from being under the control of a single person. Every duty or transaction therefore requires multiple people to be involved, with tasks being split among them. In banking, this idea has long been part of the security features of the financial community as a means to control fraud and theft. Now the same concept is applied to computer systems and information security practitioners.
Graham, R. Hacking Lexicon. [Online, 2001.] Robert Graham Website. http://www.linuxsecurity.com/resource_files/documentation/hacking-dict.html.
A security principle that says no one person should be able to effect a breach of security. For example, the person who writes a check should not be the one to sign it. Separation of duties requires that people who make changes in production source code hand off their changes to someone else for installation control. Separation of duties forces rogue employees into attempting collusion and thus risking discovery by honest coworkers. See dual control.