The IT Law Wiki

Dual control

32,085pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Dual control is "[d]ividing the responsibility of a task into separate, accountable actions to ensure the integrity of the process."[1]

Dual control is a

[p]rocess of using two or more separate entities (usually persons) operating in concert to protect sensitive functions or information. Both entities are equally responsible for the physical protection of materials involved in vulnerable transactions. No single person is permitted to access or use the materials (for example, the cryptographic key).[2]

References Edit

  1. FFIEC IT Examination Handbook, Business Continuity Planning, Appendix B: Glossary (full-text).
  2. Payment Card Industry (PCI) Data Security Standard Glossary, Abbreviations and Acronyms (full-text).

Also on Fandom

Random Wiki