Separation of duties is the use of multiple personnel to perform tasks to limit the chances of fraud, theft, and errors. By breaking a task into components handled by different members of the staff, a company can prevent unwanted activities and exert better quality controls. This can be challenging at a small company where the staffing may be too limited, but at big companies it can be a critical part of a security program. In some regions, laws specifically mandate the separation of duties for sensitive tasks; in a particularly important example, the captain of a ship cannot launch cruise missiles without following a very specific, and separated, chain of command.
In a workplace where separation of duties is used, tasks are broken into three different phases. In the first phase, someone must approve an activity, like issuing a computer to a new staff member or generating paychecks. In the second phase, someone actually needs to perform the task; a member of the computing department provides a computer to the staff member, for example, and the staffer signs for it. Finally, the third component involves auditing to make sure the task was performed appropriately.
Separation of duties requires a different staff member at each point. Staff members in charge of authorizations cannot actually perform activities, thus limiting the chances where employees could take their own initiative to do things like collecting funds from the company. Keeping auditing separate means that before authorizing a task, an employee needs to make sure it is appropriate, as the auditor will flag it if there is an issue. Likewise, separating auditors and people who complete tasks means that a separate staff member investigates claims of improperly completed tasks and periodically audits task performance to make sure no staff members are performing outside the scope of their duties.
For accounting, separation of duties is critical. This limits chances for financial fraud and also provides a mechanism for catching errors; the person cutting paychecks, for example, could ask for confirmation on an unusually large or small check. Maintenance of accounting integrity is important for companies of all sizes and separating out tasks makes it easier to audit and control the accounting system.
This is also important for general security, safety, and performance. Separation of duties plays a role on the factory floor, in military operations, and in activities like information security. If a business has any situations where a single person could do something and ensure it went undetected, this represents a security threat and calls for an evaluation to see if it's possible to put separation of duties in place.