A security principle that says no one person should be able to effect a breach of security. For example, the person who writes a check should not be the one to sign it. Separation of duties requires that people who make changes in production source code hand off their changes to someone else for installation control. Separation of duties forces rogue employees into attempting collusion and thus risking discovery by honest coworkers. See
dual control.