Assignment task: You're working at a midsize company with about 500 employees, and you use a suite of software tools that all use Single Sign-On for authentication. Your CSO has determined that she is the only person who should have administrative access to SSO updates, changes, and permissions.
Question:
1. What are the operational risks associated with this and why?
2. How would you explain these risks to the CSO, bearing in mind that this person is your boss, and they should already know about the risks?