Segregation of Duties (SoD) is a key underlying principle of internal controls, and is the concept of having more than one person required to complete a task. By ensuring that no single person can perform a task end-to-end you reduce the associated risk of fraud and error. This can be achieved by disseminating tasks and the associated privileges for a business process among multiple users. However, this reduced risk must of course be balanced with the increased cost and/or effort required to implement the segregation itself.
It is unrealistic to expect all organisations to have the required number of staff, or structure in place, to segregate all business critical tasks which contain a Segregation of Duties risk. Where these Segregation of Duties “conflicts” exist mitigating contols must be applied. These internal controls intend to reduce the risk of an existing Segregation of Duties control weakness.
Mitigating controls need to be managed and maintained within an organisation’s internal control framework to ensure they can continue to be relied upon for Segregation of Duties risk mitigation purposes.
At Turnkey Consulting we understand that Segregation of Duties is a common problem for companies of all shape and size, and that the recommended approach for managing the associated risks undoubtedly varies from one organisation to another. Using our experienced consultants we will:
Our service does not stop at merely identifying problems; we also provide tailored recommendations which are both effective and pragmatic in reducing Segregation of Duties risks to the level acceptable for your business. Using our extensive audit, controls and implementation experience, our consultants provide a deeper level of insight from their thorough understanding of a well controlled environment.
Turnkey's SAP GRC Managed Services help you ensure your SAP systems are secure with the latest SAP GRC tools and expertise. All delivered through the flexible and scalable Bedrock delivery model.
With Turnkey's SAP Security Managed Services, you get flexible access to both experienced onshore staff and highly-skilled offshore SAP security expertise - based in our Malaysia SAP Security Centre.