Separation of Duties (SoD) violations are often caused by ineffective and noncompliant role designs. Many users inadvertently obtain access to sensitive functionality through the combining of security permissions, and access permissions are frequently left in place after job transitions. Leaving these SoD violations unaddressed opens an organization to fraud, security violations, operational inefficiencies, and compliance failings. Companies are forced to spend excessive time and money attempting to remove unauthorized access privileges from the user community, while also incurring significant costs implementing and testing compensating controls.
To help clients identify and remediate SoD violations, the Focal Point ERP Advisory team has developed an analysis methodology that resolves SoD violations, corrects role design flaws, and reduces the cost of compliance. Our ERP experts use both internal SoD tools and industry-leading diagnostic tools like ERP Maestro’s Access Analyzer for SAP and Absolute Technologies for Oracle EBS to identify and evaluate SoDs. Following our analysis, our team develops a remediation strategy that ranks each violation by the level of its risk to the organization.
By removing SoDs from your user community and developing a provisioning strategy that avoids them in the future, you are able to maximize the return from your ERP investment, minimize fraud risk, secure your data and enable long-term, sustainable compliance.
Our approach leverages the organization's processes, procedures, GRC tools (if deployed) and previous successes. This keeps our time focused on what we were engaged to do: removing SoDs and reducing fraud and financial reporting risk. To do this we:
To remediate the identified and remaining violations, we have developed two methods: role remediation and role redesign. Role remediation is best suited for organizations that have a strong role design structure and need minimum role changes. A role redesign is best suited for organizations that have significant flaws in the role design or ongoing struggles with provisioning user access privileges. Both methods have been designed to remove SoD violations, allowing an organization to extend access privileges to authorized users without increasing risk to the company.
Focal Point's SoD analysis quickly pinpoints specific SoD issues within your organization, a process that can often take companies weeks to do, and provides clients with a step-by-step plan for mitigating these risks.
Other benefits include: