Have you reviewed how you control the assignment of roles in your organization? Roles are one of the most critical tools used to manage your system. But what happens if users change jobs? What is the best practice for role assignment?
Have a look at the controls you can apply to make sure you keep up with your compliance requirements and reduce risk. ALLOut has developed a number of distinct process to help handle role assignments:
Regulatory and corporate governance best-practices are increasingly requiring that critical business processes (including role assignment) are clearly defined and documented.
2. Role Assignment Controls
Each organization will require different levels of oversight for their role assignment process. Different alternatives you can use:
- Preventative SoD: notifies you of SoD breaches before assigning a role. Do not wait for a Segregation of Duties violation, prevent it! Isn’t it a brilliant idea?
- Role Assignment Controls: you can define groupings of roles to be assigned to users (and list of users whom roles can be assigned) and the associated approvers who are responsible for assigning these roles. So, you can make it simpler for your company.
3. Role Assignment Requesting & Approving: you can implement a 2-step controlled process for assigning roles. Auditable approval processes delivered!
- Request: User or manager requests a role assignment
- Approval: A designated individual approves that request. The role assignment can be created automatically or as a 3rd step.
Assignment: Request is converted to a Role Relationship record without extra data entry.
Check out how can ALLOut help you having best practices in your organization when assigning roles!