Mitigating Controls – Should you use them?

Mitigating Controls – Should you use them?  What controls should you have?

Mitigating controls on a risk situation are never as desirable as an effective segregation of duties. But it is recognised that in some situations a breach of a security rule may just have to exist (for example, if someone is providing temporary cover for another role within their department).

What sort of mitigating or compensating controls should you consider? 

  • Second signature – to authorize bank payments, salary transfers, purchase orders etc
  • Review by a Supervisor – the daily journal entries reviewed and signed by the employee’s supervisor
  • Exception reports – run reports which show all SOD exceptions and review/authorise, e.g.:
    • Report of changes to G/L
    • Report of postings recorded on accruals accounts
    • Report on pending items resulting from reconciliations
    • Report on any adjustments made to a prior period
    • Report of payments over a given threshold
    • Report on changes performed to master data
    • Etc…. you get the picture!
  • Independent Review – a detailed review of all transactions where an employee has two roles giving SOD breaches, or…
  • Random Review – spot checks periodically by an independent person

Change Control

Standard JDE E1 provides only limited change control of menu changes (through OMW) and no change control of security changes.

Use ALLOut Risk Management to enforce the proper testing for SOD and Compliance, and the automated control of User Access conflicts.  Automate your security change approval process and allow our delivered reports to streamline your review controls and audit process.

ALLOut will also allow you to control role assignments – allowing an approval process, recording a ‘reason’ code and justification and alerting you if a role is assigned which would cause a breach.  You then have the option to ‘hard stop’ that assignment or a simple ‘warning’ with the option to upload and record the mitigation for that breach.  ALLOut provides over 80 sample mitigations as part of the latest version of its SODMaster spreadsheet.
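The role-assignment control described above, sketched as an added example (it is not ALLOut's code or part of the original page): a new role is checked against SOD rules before it is granted, a 'hard stop' rule blocks it, and a 'warning' rule lets it through only with a recorded mitigation. The role names, duty names, rules and the `assign_role` function are all hypothetical, constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: role -> duties it grants (hypothetical names).
ROLE_DUTIES = {
    "AP_CLERK": {"enter_voucher"},
    "AP_PAYMENTS": {"release_payment"},
    "VENDOR_ADMIN": {"maintain_vendor_master"},
    "GL_VIEWER": {"view_ledger"},
}

# Constructed SOD rules: a pair of conflicting duties -> enforcement mode.
SOD_RULES = {
    frozenset({"maintain_vendor_master", "release_payment"}): "hard_stop",
    frozenset({"enter_voucher", "release_payment"}): "warning",
}

@dataclass
class Decision:
    outcome: str    # "approved", "blocked" or "needs_mitigation"
    breaches: list  # conflicting duty pairs the assignment would introduce

def find_breaches(roles):
    """Return every SOD rule whose duties are all held by this set of roles."""
    duties = set().union(*(ROLE_DUTIES[r] for r in roles))
    return {rule: mode for rule, mode in SOD_RULES.items() if rule <= duties}

def assign_role(current_roles, new_role, reason_code, mitigation=None):
    """Decide on a role assignment; only breaches it newly causes are judged."""
    if not reason_code:
        raise ValueError("a reason code is required for every assignment")
    before = find_breaches(current_roles)
    after = find_breaches(set(current_roles) | {new_role})
    new = {rule: mode for rule, mode in after.items() if rule not in before}
    breaches = sorted(tuple(sorted(rule)) for rule in new)
    if any(mode == "hard_stop" for mode in new.values()):
        return Decision("blocked", breaches)           # no override possible
    if new and not mitigation:
        return Decision("needs_mitigation", breaches)  # warning: record one
    return Decision("approved", breaches)              # clean, or mitigated

if __name__ == "__main__":
    print(assign_role({"AP_CLERK"}, "AP_PAYMENTS", "TEMP_COVER"))
    print(assign_role({"VENDOR_ADMIN"}, "AP_PAYMENTS", "TEMP_COVER", "n/a"))
```

An approved assignment that still lists breaches is the case the exception reports and independent reviews above exist to follow up.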
