Segregation of Duties, AKA “SOD”, is where a user is provided with one or many business or IT functions that may present the ability to commit fraud, make unapproved changes or transact activities with no ability for oversight. If a user can transact every activity within a business process from start to finish, there is generally considered to be a lack of segregation of duties. If a user can perform two or more functions that create the ability to commit fraud without oversight that would also be an SOD concern.
The following SOD related controls are organized by Platform. You can also “Jump To” Control Types and Categories by clicking on the link located at the right of this screen.