In the Cloud or On-premise
LAWSON S3 SEGREGATION OF DUTIES (SoD) REMEDIATION
SoD refers to the separation of business activities that a single person may initiate and/or validate, in order to limit or prevent erroneous or fraudulent activities. Business activities are enabled through the respective access points within an application (ex. Create Invoices, Post Journal Entries, Make Payments…)
Our Segregation of Duties application will help you implement an appropriate level of checks and balances on the activities of individuals within your organization. Our robust SoD module provides you with a set of 280 “Best Practice” polices using over 2,400 rules specifically built for Lawson by certified Lawson consultants.
Additionally by monitoring user activity we can identify the policies where the highest degree risk exist. This additional information allows you to key in on the policies that are not only violated based on security access but have also been violated based on user transactions.
Our Segregation of Duties application will help you implement an appropriate level of checks and balances on the activities of individuals within your organization. Our robust SoD module provides you with a set of 280 “Best Practice” polices using over 2,400 rules specifically built for Lawson by certified Lawson consultants.
Additionally by monitoring user activity we can identify the policies where the highest degree risk exist. This additional information allows you to key in on the policies that are not only violated based on security access but have also been violated based on user transactions.
User Conflict Grid
|
The User Conflict Grid is a great tool for strategizing exactly how to fix SoD Rule violations. The top row of the grid contains the SoD rules, the first column shows the Users being analyzed. Users are mapped within the grid to indicate where they have a SoD conflicts (green), where they have a conflict and used a form on one side of the SoD policy (yellow) or where they have a conflict and have used forms on both sides of the SoD policy (red). Isolating specific policies and users allows you to focus on your most vulnerable areas.
Selecting a cell on the user conflict grid drills to more information on how the form is being used and the specific access the user has been granted. From there you can use create simulations for Users, Roles, Security Classes and forms to determine the best course of corrective action. |
|
Minimizing Fraud Exposure with Effective ERP Segregation of Duties Controls. White Paper RSM US LLP
Achieving effective ERP SOD controls is not a “set it and forget it” process; continuous maintenance and improvement are required. However, audit and SOX compliance alone are not enough to cover the risk of fraud exposure due to insufficient ERP controls. Implementation a CCM/GRC tool can enhance SoD controls and support fraud mitigation efforts, but effective governance is key, and the processes and data supporting the tool are far more important than the tool itself. <read more>
Achieving effective ERP SOD controls is not a “set it and forget it” process; continuous maintenance and improvement are required. However, audit and SOX compliance alone are not enough to cover the risk of fraud exposure due to insufficient ERP controls. Implementation a CCM/GRC tool can enhance SoD controls and support fraud mitigation efforts, but effective governance is key, and the processes and data supporting the tool are far more important than the tool itself. <read more>
LEARN MORE
Contact us for more information about Segregation of Duties Remediation.
