Gouvernance SoD

The controls around segregation of duties (SoD) improve the reliability of your transactions, improve the confidence of external auditors and enables you to manage anti fraud requirements. By detecting and preventing these risks, the SoD controls improve the integrity of key processes and limit financial exposure.

When facing regulatory frameworks on segregation of duties (SoD) management, companies usually start monitoring it manually through extracts and excel spreadsheets.

When these processes become too complex to maintain/manage, an SoD management tools becomes a requirement and will enable the following:

  • Automatize the processes of SoD management to enable exhaustive coverage,

  • Produce dashboard and reports on demand,

  • Setup preventive controls.

Companies need to insure compliance internally, for their stockholders but also for regulatory entities which requires reactivity when it comes to status updates.

Companies that are implementing tools to manage SoD are facing a reduction in time passed on reporting and control exécution and improve their decision making processes.

Indeed, SoD controls offer a convincing framework to reduce risks as they are remediated proactively and as SoD related violations are contained.

Gartner SoD Management hypothesis

SoD controls can lower internal fraud exposure up to 60% thanks to preventive detection of failures when it comes to access management to main ERPs.

It is hard to cover SoD risks in an organisation without a dedicated tool.

Standard SoD management fails when processes are being supported by several softwares (ERP, Procurement tool, CRM, HCM etc).

The high cost of traditional ERP platforms and the absence of direct ROI make it hard for IT security departments to justify the acquisition of a dedicated access and SoD management tool.

Le GARTNER, Market Guide for SOD Controls Monitoring Tools-ID: G00293793

ArtimIS’ SoD experts support their clients in the management of SoD risks, in particular in the design or optimization of a model to identify, apprehend and remedy SoD risks:

  • Conception and revue of an SoD matrix with corresponding governance
  • Definition of mitigating controls

  • Audit & Elaboration of a mitigating plan for SoD risks (ArtimIS Risk Observator – ARO)

  • Accelerated remédiation of SoD risks and critical access with the support of our decision making tools (ArtimIs Self Remediation Tool – ASR)

  • Audit, Benchmark, Project management, intégration-migration of GRC solutions, SoD Control Monitoring and change management.