Segregation of Duties is defined as the separation of incompatible duties that could allow one person to commit and conceal fraud that may result in financial loss or misstatement to the company.
The IAM policy of the organization should provide guidance to enforce the segregation of duties. Using these guiding IAM policies, the design and implementation of IAM solutions should enable a proper execution of the segregation of duties at a process level and at a system level within the ICT infrastructure of the organization. Well-designed business processes that also including appropriate business roles are prerequisites for SoD. The business lines should be in the lead with active SoD policies to drive the enforcement of the SoD in their business operations.
We have experience in designing and implementing authorization and access management solutions, including SoD, for ERP systems such as Oracle EBS.
We provide the ability to monitor the compliance with SoD rules, using logs to assess SoD violations. In doing so, our solution helps to efficiently support a periodic compliance review process by auditors.