Segregation of Duties Concepts Explained

Segregation of Duties (SoD) is the concept of internal controls which attempt to ensure that no single individual has the authority to execute two or more conflicting, sensitive transactions with the potential to impact financial statements. Often these controls are to prevent a single individual from being able to carry out a complete process, without collusion from another individual.

  • SoD compliance is a growing concern for many entities – although it is a long-established method of preventing fraud and error. Regulations (e.g. Sarbanes-Oxley in the US) have increased the need, awareness and thoroughness of controls – thus highlighting the need for integrated IT and financial controls.
  • Defining and applying internal controls is difficult due to the increasing complexity and automation of key business processes.
  • As businesses grow, additional access is typically granted to more users – over time this may result in the original security controls no longer being effective as designed.
  • Multiple users can acquire access to sensitive processes across many functional areas and critically they may gain the ability to carry out a complete process, from start to finish, that best practice SoD design would necessitate being divided amongst multiple individuals.
  • Using ad hoc checks to control risk is not best practice nor is such an approach effective given the inherent complexities of EnterpriseOne (E1) security – these need to be replaced with systematic procedures.

Each complete process within your business should be analyzed, individually, to determine which steps give rise to potential risk – i.e. where fraud or error could occur.

While this may seem a daunting task, it is critical for compliance and most likely will be required to pass your Audit.  Compliance will also mean that you are ready for GDPR in this area!

Contact ALLOut to find out how the JDE toolset can simplify this process for you, we offer a pre-defined set of JD Edwards SOD rules which you can apply to your system, and a reporting tool to not only assess your security status but help to appease those auditors!

Contact Us

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy. You can always revoke your consent by clicking on the icon at the bottom left of the screen.

Privacy Settings saved!
Privacy Settings

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. Control your personal Cookie Services here.

These are cookies that are required to enable you to browse our website and use its features, for example, to log into secure areas of our website.
  • mfn-builder
  • itsec_interstitial_browser
  • wam_assigned_roles[0]
  • wordpress_logged_in_
  • wordpress_sec_
  • wordpress_test_cookie

Google Recaptcha is a spam prevention system (Google Recaptcha) to ensure that our site is spam free. Read more here and here
  • UULE
  • NID

Decline all Services
Accept all Services