A bank requires tellers to get manager approval when a customer wants to open a new account. A recent audit shows that there have been four cases in the previous year where tellers opened accounts without management approval. The bank president thought separation of duties would prevent this from happening.
In order to implement a true separation of duties approach the bank could:
A . Require the use of two different passwords held by two different individuals to open an account
B . Administer account creation on a role based access control approach
C . Require all new accounts to be handled by someone else other than a teller since they have different duties
D . Administer account creation on a rule based access control approach