Video: Separation of Duties

In this lesson, Nick Palazzolo, CPA, takes a deep dive into the principle of separation of duties, an integral part of effective enterprise risk management (ERM). Highlighting the inherent risks when duties are not appropriately separated, he reiterates the necessity to disperse responsibilities related to record-keeping, custody, and authorization among different individuals to mitigate fraud and error. Nick candidly discusses how collusion and management override can disrupt this separation, and why additional controls are crucial, especially in smaller companies where roles may necessarily overlap due to limited staff. Throughout the lesson, he draws parallels with ERM content, stressing the delicate balance of risk versus reward in implementing these controls.

"Examprep.ai helped me pass all 4 CPA exams on the first try. I highly recommend. I especially like the feedback and ratings the software provides so I know where to focus my time."

Daniel H., CPA

"I can't recommend ExamPrep.ai enough. Nick's lessons turned concepts I struggled with into strengths. I was able to pass FAR right before other exams expired!"

Andrew K, CPA

"I just want to say thank you for the great lesson videos. I couldn't stay awake through lectures of another course. After watching all your FAR lessons I was finally able to pass!"

Alyssa M., CPA Candidate

Video Transcript

Instructor: Nick Palazzolo

Nick Palazzolo is head instructor of ExamPrep.ai CPA Review. Nick's teaching style is engaging & upbeat, combining practical Big 4 tax & assurance expertise with years of 1-on-1 coaching. His lessons are concise and emphasize what you need to know to pass. Whether you're a recent grad or working full-time, we’re confident you can conquer your CPA exams with Nick’s review.

Cite this lesson

Link to this page

[[ citeExample ]]

Copy to clipboard

Copy URL to clipboard

Copy HTML to clipboard

What are some risks associated with it? What are some factors that we are going to talk about to discuss how to deal with these risks? Well, we've got our separation of duties as we do in ERM, in our enterprise risk management. We're going to have a lot of similarities between that lesson and a lot of it just because it goes into more depth about how ERM specifically caters to who. This is directly taken from ERM.

If this looks familiar, I'm not lazy. I just am taking content that directly applies to both IT and ERM. We've got these. Maybe I am lazy. You can ask my mom. Growing up, I guess I didn't help out enough. Separation of duties. Well, you want to keep the record keeping, the custody and authorization, all separate from each other. Meaning if you've got individuals who record data, who physically hold or cash or inventory, whatever, and who authorize the transfer of cash inventory, all these three components need to be kept separate. Now, the two ways to really get around this more control method is collusion.

So yes, I mean, if two people work together, one person who records the transactions and one who keeps custody or one who authorizes custody or record keeping and authorization, yes, that's a way to get around this. However, it is what it is. This is the best method for the risk to reward model and management override management says, hey, we're going to fire you if you don't fraudulently record these transactions. Yeah, I mean, it can get a little messy. So those two are really the best ways to get around this separation of duties.

Additional controls need to be put into place to contain these two concerns. So personnel should never have more

Unlock the full video transcript and subtitles support with a free account!

Get more from this lesson

Create an account 7-day free trial. No credit card required.

Information Systems

Module: 3 Concepts, 33 Videos

Understanding IT Overview and Objectives

3:00

IT Governance

11:52

Electronic Data Interchange

2:16

Business Information Systems