Personnel Policies – Job Rotation

If you plan on taking the Security+ exam you should have a good understanding of the various personnel policies that organizations implement including a job rotation policy. These policies are used to define and clarify issues such as personnel behavior, expectations, and possible consequences. Personnel learn these policies when they are hired and as changes occur.

This blog is an excerpt of acceptable use topics from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.

Some of the other policies directly related to personnel are:

• Acceptable use
• Mandatory vacations
• Separation of duties

Job Rotation Practice Test Question

Here’s a sample job rotation question for the Security+ exam from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.

Q. Two administrators within an organization perform different functions and have different privileges. They are required to swap roles annually. What policy would direct this?

A. Mandatory vacation policy

B. Separation of duties policy

C. Least privilege policy

D. Job rotation policy

Ideally, you should not only know what the correct answer is, but also why it is correct and why the incorrect answers are incorrect.

Job Rotation

Job rotation is a concept that has employees rotate through different jobs to learn the procedures and processes in each. From a security perspective, job rotation helps to prevent or expose dangerous shortcuts or even fraudulent activity. Knowledge is shared with multiple people, and no one person can retain explicit control of any process or data.

For example, your company could have an accounting department. As mentioned in the separation of duties section, you would separate accounting into two divisions Accounts Receivable and Accounts Payable. Additionally, you could rotate personnel in and out of jobs in the two divisions. This would ensure more oversight over past transactions and help ensure that employees are following rules and policies.

In contrast, if a single person always performs the same function without any expectation of oversight, the temptation to go outside the bounds of established policy increases.

Job rotation policies work well together with separation of duties policies. A separation of duties policy helps prevent a single person from controlling too much. However, if an organization only used a separation of duties policy, it is possible for two people to join together in a scheme to defraud the company. If a job rotation policy is also used, these two people will not be able to continue the fraudulent activity indefinitely.

Job rotation policies also apply to IT personnel. For example, the policy can require administrators to swap roles on a regular basis, such as annually or quarterly. This prevents any single administrator from having too much control over a network.

Job Rotation Practice Test Question

Q. Two administrators within an organization perform different functions and have different privileges. They are required to swap roles annually. What policy would direct this?

A. Mandatory vacation policy

B. Separation of duties policy

C. Least privilege policy

D. Job rotation policy

Answer. D is correct. Job rotation policies require employees to change roles on a regular basis. Mandatory vacation policies require employees to take time away from their job and help detect malicious activities. A separation of duties policy separates individual tasks of an overall function between different people. Least privilege ensures that users are granted only the rights and permissions needed to perform assigned tasks but doesn’t require swapping roles.

Personnel Policy Comparisons

• Job rotation policies require employees to change roles on a regular basis. These policies help to prevent employees from continuing with fraudulent activities.
• An acceptable use policy defines proper system usage for users. Users are often required to read and sign an acceptable use policy when hired, and in conjunction with refresher training.
• Mandatory vacations policies require employees to take time away from their job. These policies help to reduce fraud and discover malicious activities by employees.
• Separation of duties policies separate individual tasks of an overall function between different entities or different people.

Security+ Study Resources

Security+ Full Access Package

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.

This exam is expensive.

Make sure you’re ready before exam day. 

Here’s what you’ll get:

• All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
• Over 40 new multiple-choice questions we’ve added after publishing the study guide.
• Over 30 performance-based questions. See a demo here.
• All of the flashcards from the study guide. View them in any Web browser.
• All of the audio from the study guide. Listen to a sample here.
• Access to a free discount code for 10% off your Security+ voucher.

Buy The Full Access Study Package Today

60 Days Access

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Study Guide Pass the Security+ exam the first time you take it with the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action. The author uses many of the same analogies and explanations he’s honed in the classroom. These analogies an explanations have helped hundreds of students master the Security+ content. You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details.

You’ll be ready to take and pass the exam the first time you take it. Each chapter includes a comprehensive review section to help you focus on what’s important. Over 440 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. Includes a 100 question pre-test, a 100 question post-test, and practice test questions at the end of every chapter. Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question.

Practice Test Questions

Check your readiness for the Security+ exam with the CompTIA Security+ SY0-401 Practice Test Questions (Get Certified Get Ahead) book. Available in both paperback  and Kindle format. Includes 307 realistic practice test questions with in-depth explanations so that you’ll know why the correct answers are correct, and why the incorrect answers are incorrect. Kindle edition includes dozens of flash cards specifically formatted for the Kindle. You can download free Kindle applications for just about any device from here.

Mobile Apps

Practice test questions for your mobile devices. Learnzapp has apps for a wide assortment of mobile devices including Apple, Android, Amazon, Nook, and Blackberry. In-depth coverage of all six domains in the CompTIA Security+ SY0-401 exam. App includes realistic practice questions to help you assess your exam readiness. Questions include in-depth explanations to help you understand why the correct answers are correct and the incorrect answers are incorrect. Flashcards to help you review important testable concepts. Buy once. Use on any device. Amazing interactive user experience. Internet connection not required.

Audio

Learn by Listening Supplement your studies with Security+ audio files read directly from the CompTIA Security+ Get Certified Get Ahead SY0-401 book. A total of over 4 hours and 40 minutes are now available. Supplement your studies with Security+ audio files you can listen to while on the go. Listen to key topics from all the chapters of the top selling CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide, or focus on just the topics you want to brush up on. Learn while driving or commuting Learn while exercising Learn any time