Set up and apply segregation of duties

Completed

Security or policies may require that specific tasks be performed by different users. You can set up rules to separate tasks that must be performed by different users. This concept is named segregation of duties. This helps reduce the risk of fraud, and helps you detect errors or irregularities.

For example, you might not want the same person both to acknowledge the receipt of goods and to process payment to the vendor. Segregation of duties helps you reduce the risk of fraud, and it also helps you detect errors or irregularities. You can also use segregation of duties to enforce internal control policies.

To comply with regulatory requirements, such as those from Sarbanes-Oxley (SOX), International Financial Reporting Standards (IFRS), and the United States Food and Drug Administration (FDA), use segregation of duties.

Default duties are provided. The administrator can modify the privileges that are associated with a duty or create new duties.

Identify and resolve conflicts in segregation of duties

When the definition of a security role or the role assignments of a user violate the rules, the conflict is logged.

All conflicts must be resolved by the administrator. To identify and resolve conflicts and verify whether user role assignments comply with new rules for segregation of duties, you need to run the Verify compliance of user-role assignments process from System administration > Security > Segregation of duties > Verify compliance of user-role assignments.

Screenshot of the verify compliance of user role assignments with rules for segregation of duties page.

After you select OK, to run the process, a notification displays the results of the validation. If there is a conflict, you can open the Users page and change the user’s role assignments.

Conflicts are also logged on the Segregation of duties conflicts page. To run the verification process as a batch job, select Batch processing, and then set the other batch parameters. After the batch job runs, you can review the conflicts in the Segregation of duties conflicts page.