Four-eyes principle

from Wikipedia, the free encyclopedia

The two-man rule ( English two-man rule ) is in the organization theory a preventive control in which certain cycle elements , workflows , work processes , operations , functions , decisions , actions or processes only by identical decisions of at least two people must be carried out .


The four-eyes principle is one of the most frequently used control measures. It dominates all organizations and institutions . The government is subject to parliamentary control , the judiciary controls the legislature , whereby legal remedies also enable the control of court judgments by higher authorities . In companies , the classic separation of functions at the highest corporate level is the separation of the tasks of the organs , because the board of directors manages the company, conducts its business and represents it externally. The supervisory board in turn monitors the management board. The aim of the four-eyes principle is to reduce the risk of errors and misuse .


The four-eyes principle usually requires more staff because there has to be a dedicated worker entrusted with control tasks . This prevents the control and the controlled activity from being carried out by the same worker ( conflict of interests ). It is necessary that the two workers are personally (neither related to one another nor married to one another) and organizationally (separated by different functions and positions ) independent of one another . A four-eyes principle is also guaranteed by internal auditing , a department in larger companies.

use cases

In companies, the four-eyes principle is implemented in operational functions such as purchasing and incoming goods inspection , production and quality assurance , financing and financial controlling .

The four-eyes principle is provided for the separation of functions between the front office and back office of the various business areas when concluding and confirming / executing transactions. In data processing, there is an organizational separation between data acquisition and data release . Access controls on IT systems can implement the four-eyes principle by entering two passwords . The pair programming and also signature regulations for the power of representation through A and B signature (control and processing , countersignature ) are to be assigned to the four-eyes principle. Cashiers and auditors are typical tasks with the four-eyes principle. If the re-examination of an expulsion order required by Directive 64/221 / EEC does not take place by a second independent body ("four-eyes principle"), the expulsion is illegal because of a procedural error, unless there is an "urgent case" in front.


The four-eyes principle is an expression of the multiple-eyes principle. With the six-eyes principle, there is the participation or control of three instances as a further tightening of security compared to the four-eyes principle. The 1000 eyes principle - also known as the “10,000 eyes principle” in major projects - is a method of quality assurance in crowdsourcing projects such as Wikipedia , OpenStreetMap , water depth mapping from OpenSeaMap and others. Thousands of users and authors check data they know and iteratively improve it . The quality can improve a little with every step - but it doesn't have to be. In this way, a high quality standard is achieved that in some cases exceeds the quality of classic processes.

Type of participation

  • With the collaborative multiple eyes principle , two or more people with different skills work together and complement each other. A separation of functions is essential here to solve the task.
  • In the testimony of multiple eyes , one person carries out the task while one or more other people observe, testify and confirm the process and the result.

Areas of application

Areas of application of the multiple eyes principle in one of its forms are:

The four-eye control can be found across industries in a large number of internal company work processes that are rated as critical. Processes are always critical if, if not carried out properly, they can result in personal injury or significant financial consequences. Four-eye checks are just as common in the cockpit of an aircraft as in payment transactions, for example . The four-eyes principle is often part of company regulations, such as important and outwardly directed, legally significant decisions (such as sales contracts ) must be signed by two people if a marginal earnings limit is exceeded.

The four-eyes principle as a corporate management principle tries to bundle the creativity and attention of the decision-makers in order to increase the efficiency of problem-solving : "Four eyes see more than two". The possibility of internal specialization in the management team and the possibility of mutual representation are also advantageous . The higher time required for decision-making and the resulting increase in costs are accepted in terms of the expected quality assurance and improvement. If stalemate situations arise due to opposing opinions , however, decision-making can also be blocked. A structural danger of the four-eyes principle is the tendency to superficiality in details when the partners rely on each other's attention.

The four-eyes principle is also used for safety-related activities that must be accompanied by at least two people. Security-relevant processes are often structured in terms of workflow organization in such a way that the four-eyes control must absolutely take place so that the process can be completed. In payment transactions, for example, a person can enter the payment transaction data into the system used for this purpose. Only the password-controlled release by another person enables the electronic transmission of the data to the bank.

Extreme Programming (XP) takes this system to extremes with its pair programming . Despite its name, XP is more of a project management paradigm than a programming paradigm. The principle here is that no work step is carried out alone.

The four-eyes principle is also less often understood as the obligation to maintain professional secrecy : information resulting from a one-to-one conversation may not be passed on to third parties ( confidentiality for doctors and lawyers and confessional confidentiality for priests).

Application examples

Use of nuclear weapons

In both the Soviet Union and the USA , the two-man principle applied to the use of nuclear weapons on submarines during the Cold War . In the USA, both the commanding officer and the executive officer had to authenticate the order to use nuclear weapons; on Soviet submarines, this task was performed by the commander and the political officer .

Only when both persons confirmed that the command to use the weapons by the respective high command was authentic, the weapons could be shot. Today, Russian , French and British submarines have similar regulations as American boats.

Construction (building construction)

In Germany, the four or even six eyes principle is used in construction . Because usually there is the architect who is initially responsible for the building and the design; Then there is the structural engineer who checks the structural components, the safety, i.e. the stability and security of the construction. In addition, there is the structural engineer who checks this structural analysis again.

Credit institutions

In banks and capital management companies , the separation of functions is even required by law. For credit institutions that looks Banking Supervision , organizational separation of customer-related market side and back office before. On the basis of Section 25a (1) KWG , according to BTO 1.1 no. 1 MaRisk, a credit institution must ensure a separation between front office and back office up to and including management level. The "market" initiates the business and has the first vote on credit decisions , the back office analyzes the risks and contributes an independent second vote. According to Section 29 (1) of the KAGB, capital management companies must set up and maintain a permanent risk control function that is hierarchically and functionally independent of the operational areas. In the opinion of the BaFin, the “four-eyes principle” is not fulfilled if at least two members of the Executive Board who work on the executive board do not have the professional qualifications in accordance with Section 33 (1) No. 3 and (2) KWG. The Federal Administrative Court (BVerwG) clarified that the question of the dual control principle and professional and personal suitability must be seen separately. According to the judgment, necessary managers within the meaning of Section 33 (1) No. 4 KWG must act independently and have a decisive influence on ongoing banking transactions ; their activities must be structured in such a way that the managers can control, represent and relieve each other. According to Section 33 (1) No. 4 KWG, the position of a manager required by the four-eyes principle cannot be taken by a person who is a manager within the meaning of Section 1 (2) KWG, but only "on an honorary basis" for the credit institution is active; Such a person cannot perform the function of a necessary manager because he is unsuitable for this due to his or her merely voluntary work.


In medicine , the principle appears in the form of a second opinion. The doctor gets a second opinion to confirm his diagnosis before treatment by a specialist colleague. For example, the brain death of the patient must be determined independently by two doctors before organs can be removed for an organ donation .

Critical activities are secured in pharmaceutical as well as chemical production. These include, for example, calculations, the weighing of (raw) materials, reading off important data and all activities that could lead to mix-ups.

Club work

In many associations the bookkeeping of the association's finances is carried out by a treasurer . In order to protect the association from possible mistakes that the treasurer accidentally made in his accounting and their consequences, e.g. in the tax audit , one or two cash auditors are usually employed. After an independent check of the accounts of the treasurer / treasurer, these auditors confirm that the accounts are mathematically and - as far as comprehensible - content-wise correct. This means that a four-eyes principle (one cash auditor) or six-eyes principle (two independent cash auditors) is implemented to ensure that the association's bookkeeping is correct.

Math background

The following mathematical consideration is useful  :

The probability for a certain decision brought about by two people is Here are the individual probabilities (for i = 1 or 2), and an "influence function", which describes the mutual influence of the two people. If the decision is judged to be "unreasonable" by outsiders, they will generally be small.

If the two people are independent in their behavior , then P = 1 . The double integral then simply results in where the small -intervals and the arbitrary intermediate values from these intervals are (for the sake of simplicity, continuity is assumed). So for an “unreasonable decision” you get a “squarely small”, ie “very small” value, e.g. B. 0.01, while with only one person the same “unreasonable decision” would only get a “simple-small” value, e.g. B. 0.1.

Now to the influence function: In general, the influence of the second person on the first is to be assessed positively, since “reasonable decisions” or compromises are encouraged. However, it is not impossible, but very unlikely, that the second person encourages the first to be irrational or uncompromising. In such a case, which - as I said, is unlikely in the case of independent samples - a “four-eye decision” would be more likely to make “unreasonable” alternatives.

Cooperation is therefore a complex phenomenon; however, it is more likely to lead to more sensible decisions (see all standard textbooks on mathematical statistics; statements about independent samples are mainly used).

See also


  • Tilman Gerhardt, Jörg Ritter: Management Appraisal - Assessing the skills of executives and recognizing potential. Campus, Frankfurt 2004, ISBN 3-593-37340-8 .

Individual evidence

  1. Stefan Hunziker / Stefan Renggl / Marcel Fallegger, Internal Control Systems in the Financial Sector , 2018, p. 36
  2. BVerwG, judgment of September 13, 2005, reference number: 1 C 7.04
  3. BaFin of December 14, 2012, circular 10/2012 (BA) - Minimum requirements for risk management - MaRisk
  4. BVerwG, judgment of December 1, 1987, Az .: BVerwG 1 C 8.87 = BVerwGE 78, 297
  5. The irreversible failure of all brain functions (brain death) as a prerequisite for organ donation. see. Section How is the irreversible failure of all brain functions (brain death) determined? Federal Center for Health Education (BZgA), accessed on May 1, 2018 .