Explain how defining positions in an organization can safeguard against security threats.

 Effective human safeguards begin with definitions of job tasks and responsibilities. In general, job descriptions should provide a separation of duties and authorities. For example, no single individual should be allowed to both approve expenses and write checks. Instead, one person should approve expenses, another pay them, and a third should account for the payment. Similarly, in an inventory, no single person should be allowed to authorize an inventory withdrawal and also to remove the items from the inventory. Given appropriate job descriptions, user accounts should be defined to give users the least possible privilege needed to perform their jobs. Similarly, user accounts should prohibit users from accessing data their job description does not require. Because of the problem of semantic security, access to even seemingly innocuous data may need to be limited. Finally, security sensitivity should be documented for each position. Some jobs involve highly sensitive data. Other positions involve no sensitive data. Documenting position sensitivity enables security personnel to prioritize their activities in accordance with the possible risk and loss.

Thank you