Robert Kugel's Analyst Perspectives

Separation of Duties at Jurassic Park

Posted by Ventana Research on Jun 14, 2010 2:21:32 PM

You really, really have to be a nerd to watch Jurassic Park and see the absence of separation of duties (SoD) and inadequate process controls as a core plot device. To explain, one of the pivots in the story line of Jurassic Park is the point where the villain of the story, “Dennis Nedry” decides to steal some dinosaur embryos and sell them. The company created some safeguards in their systems to prevent this from happening but (as usual) they were mainly designed to guard against outsiders, not to prevent internal fraud. Knowing how they operate (since he wrote the code), the villain shuts down key systems so that he can override security systems designed to prevent just this sort of possibility.

Read More

Topics: GRC, Operational Performance Management (OPM), Seperation of Duties, Business Performance Management (BPM), Financial Performance Management (FPM), risk management