160 ◾ The Security Risk Assessment Handbook
© 2011 by Taylor & Francis Group, LLC
assessor should expect there to be some policies and procedures in place to
ensure that the activities are performed in a manner that enforces the security
policy of the organization.
◾ Monitoring—Covered in Section 6.1.1.2.
◾ Double-Key Data Entry—is is a data entry method in which each trans-
action is entered twice. e rst data entry and the second data entry are
checked for consistency with each other. is control helps to reduce errors
and fraud.
◾ Two-Man Control—Covered in Section 6.1.1.2.
6.1.3.3 Asset Control
Asset control involves the explicit control and tracking of individual organizational
assets. is includes both tangible assets and intangible a ...