Segregation of duties in ERP systems
To reduce the risk of fraud and unauthorized transactions, no single individual should have control over two or more parts of a process. This is a segregation (or separation) of duties.
A simple example would be of an assistant in the accounts department who has been assigned access to amend supplier master file details and to make payments, which could lead to fraud as individuals create a supplier and process fraudulent payments to themselves. From experience, most segregation of duties issues occur because an organization has not taken a risk-managed approach to designing processes. There is frequently a lack of focus and attention given to the design, operation and monitoring of segregation of duties with organisations.
- SAP health check to gain clarity on your organization’s Segregation of Duties violations and identify the possible implications.
- Implementation or optimization of SAP controls through automation and rationalization to streamline existing controls or implement automated control solutions.
- Implementation support for SAP BusinessObjects Access Control.