Many companies have spent a considerable amount of effort to create the required business rules to identify conflicts. This task is complicated for different reasons: It requires an integrative and detailed knowledge of the full ERP application. Typically, knowledge of the ERP application is dispersed in different areas of expertise, with different people. To achieve consistency, strong coordination is required. …
Habit 3: Put First Things First – Prioritize SOD Conflicts based on Risk Exposure
A Segregation-of-Duties conflict can be defined as the situation where one ERP user has access to a combination of critical functions. This combination exposes the risk of fraud or error and eventually jeopardize the credibility of financial reports. Identifying SOD conflicts in an ERP system is a difficult task. It requires knowledge of all functions in the ERP system, combined …