Running head: ROLE-BASED SECURITY

Role-based Security

The separation of duties within Kudler Fine Foods is important because it limits the amount of power any one individual holds (Gregg, Nam, Northcutt & Pokladnik, 2013). It also enables the management of conflicts of interest and the appearance of conflicts of interest, and it prevents fraud. It requires that, for certain sets of transactions, no single person is able to perform all the transactions within the set (Ferraiolo & Kuhn, n.d.). As an example, fraud can be prevented in the handling of money by having one salesperson take the order while another salesperson marks the order as paid, and by having someone from the fulfillment department be responsible for shipping the product. By having different employees assume different duties in the handling of money, controls are put in place that ensure the security and accuracy of the order information being entered into the system.

Another example is that the Department Manager's duties are separate and different from those of the HR personnel. While the Department Manager handles product or item requisitions, the HR personnel are responsible for hiring employees and classifying employees' benefits based on their positions in the organization. By separating the duties of the Department Managers from those of the HR personnel, it can be ensured that only qualified and authorized people are able to make product requisitions and to modify employee benefits, respectively.

In the same regard, using roles to segregate data and system access among members of an organization helps ensure that only authorized people are able to perform certain tasks. Roles can be likened to the employees' positions in the organization, while their level of data and system access can be likened to their duties. For example, only Department Managers should have access to the inventory and the list of suppliers, while only the HR personnel should have access to employee information. With these restrictions on system and data access, it can be ensured that a member of the HR personnel will not, whether intentionally or unintentionally, place orders for items that do not need replenishing. Similarly, it ensures that Department Managers are not able to see the salaries of their fellow Department Managers and are not able to assign extra benefits to their favorite employees.

In this regard, a role-based access control system would be the best way of accomplishing this type of security, as a role-based control system has the mechanisms that can be used to enforce a policy of separation of duties (Ferraiolo & Kuhn, n.d.). It provides "a means of naming and describing relationships between individuals and rights" (Ferraiolo & Kuhn, n.d., p. 10), which in turn provides the organization .
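The following Python model is an added example, not part of the original paper or of any Kudler Fine Foods system, showing how the two separation-of-duties ideas described above can be enforced mechanically by a role-based access control system. The role names, permission names, user names and order identifiers are all constructed for illustration. It implements both a static constraint (no one may hold the Department Manager and HR roles together) and a dynamic constraint (taking an order, marking it paid and shipping it must each be done by a different person):

```python
"""Added example: a minimal RBAC model with static and dynamic separation of duties.
Roles, permissions, users and order ids below are constructed for illustration and
are not the policy of any real system."""

# Each role names the permissions its holders receive (constructed example policy).
ROLE_PERMISSIONS = {
    "sales": {"take_order", "mark_paid"},
    "fulfillment": {"ship_order"},
    "department_manager": {"view_inventory", "view_suppliers", "create_requisition"},
    "hr": {"view_employee_info", "modify_benefits"},
}

# Static separation of duties: no single person may hold both roles in a pair.
MUTUALLY_EXCLUSIVE_ROLES = [frozenset({"department_manager", "hr"})]

# Dynamic separation of duties: within one order, each of these steps must be
# performed by a different person, even though two of them share the "sales" role.
ORDER_STEPS = frozenset({"take_order", "mark_paid", "ship_order"})


class AccessDenied(Exception):
    """Raised when a role assignment or an action would violate the policy."""


class RbacSystem:
    def __init__(self):
        self.user_roles = {}      # user -> set of role names
        self.order_history = {}   # order_id -> {step: user who performed it}

    def conflicting_roles(self, user, role):
        """Roles already held by `user` that the static policy forbids alongside `role`."""
        held = self.user_roles.get(user, set())
        conflicts = set()
        for pair in MUTUALLY_EXCLUSIVE_ROLES:
            if role in pair:
                conflicts |= (held & pair) - {role}
        return conflicts

    def assign_role(self, user, role):
        if role not in ROLE_PERMISSIONS:
            raise ValueError(f"unknown role {role!r}")
        conflicts = self.conflicting_roles(user, role)
        if conflicts:
            raise AccessDenied(f"{user} may not hold {role!r} together with {sorted(conflicts)}")
        self.user_roles.setdefault(user, set()).add(role)

    def permissions(self, user):
        """All permissions reachable through the user's roles (empty for unknown users)."""
        return set().union(*(ROLE_PERMISSIONS[r] for r in self.user_roles.get(user, ())))

    def check(self, user, action, order_id=None):
        """Return (allowed, reason) without changing any state."""
        if action not in self.permissions(user):
            return False, f"{user} holds no role granting {action!r}"
        if action in ORDER_STEPS:
            if order_id is None:
                return False, f"{action!r} requires an order_id"
            history = self.order_history.get(order_id, {})
            if action in history:
                return False, f"{action!r} already performed on {order_id} by {history[action]}"
            if user in history.values():
                # The same person already did another step of this order's transaction set.
                return False, f"{user} already performed another step on {order_id}"
        return True, "ok"

    def perform(self, user, action, order_id=None):
        """Enforce the policy, record order steps, and return the decision reason."""
        allowed, reason = self.check(user, action, order_id)
        if not allowed:
            raise AccessDenied(reason)
        if action in ORDER_STEPS:
            self.order_history.setdefault(order_id, {})[action] = user
        return reason


if __name__ == "__main__":
    system = RbacSystem()
    for user, role in [("alice", "sales"), ("bob", "sales"), ("carol", "fulfillment"),
                       ("dave", "department_manager"), ("erin", "hr")]:
        system.assign_role(user, role)
    system.perform("alice", "take_order", "order-1")
    print("alice marking her own order paid:", system.check("alice", "mark_paid", "order-1"))
    system.perform("bob", "mark_paid", "order-1")
    system.perform("carol", "ship_order", "order-1")
    print("order-1 history:", system.order_history["order-1"])
    print("hr creating a requisition:", system.check("erin", "create_requisition"))
    print("manager adding hr role, conflicts:", system.conflicting_roles("dave", "hr"))
```

The `check` method returns a decision without side effects so that the same logic can be used both to gate an action and to explain a denial in an audit log; `perform` is the only path that records an order step, which keeps the dynamic constraint's history consistent.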