Enforcing and monitoring segregation of duties (SOD) is an effective means of minimising the risk of fraud. ACL has the ability to extract security rules to independently verify whether there are any weaknesses in your SOD structure. What’s more, where potential SOD issues are identified, ACL can be used to determine whether these rights were exploited. Turning SOD on its head, certain transactions and activities could be monitored to identify whether SOD violations occur, i.e. where the authoriser and approver are the same person.
The segregation of duties analysis does not prevent fraud where more than one individual is in cahoots but it could help to harmonise the rights of individuals performing similar roles, to highlight users with powerful profiles or to identify menus, functions, or transactions that have been assigned to a user and never used, or to identify user profiles that are being modified prior to or shortly after an audit.
With ACL at your fingertips, there’s no limit to what can be achieved.