LTIMindtree’s Segregation of Duties as-a-service

Segregation of duties, or separation of duties as it is sometimes called, is the set of controls within an organization requiring that multiple people are needed to perform a single task or critical steps within a task to avoid fraud or error. Typically, a SoD policy is set up around preventing combinations of access or transaction rights that would jeopardize the financial integrity of an organization. While these are often in place within any given application, it is also necessary that these span across multiple systems and applications. When appropriate segregation of duties does not exist, individuals may have the ability to cause damage to the business.

The concept of Segregation of Duties (SoD) is aimed at applying checks and balances on business processes. Each stage of a business process may require the involvement of more than one individual. An organization can convert this possibility into a requirement for all IT-enabled business processes by implementing SoD as part of its user provisioning solution. The overall benefit of SoD is the mitigation of risk arising from intentional or accidental misuse of an organization’s resources.

Key Highlights:

• Prevent toxic combination of access and reduce internal fraud
• Cross-application SoD management with industry’s largest SoD ruleset library
• Actively avoid proliferation of risky access with preventive SoD simulation during access request or access (re)modeling
• Lower SoD remediation fatigue with integrated usage analytics (actual vs. potential) and entitlement remediation

Key Benefits:

• Out-of-box granular SoD ruleset for financial and HR business processes based on industry best practices.
• Bring your own custom SoD ruleset.
• Utility for export of supported ERP / EHR systems’ access data.
• Import HR user records to detect users with multiple system accounts for more effective SoD violations analysis.
• Perform cross-application and/or single app SoD analysis.
• Online and offline SoD analysis report along with executive dashboards.
• Access to comprehensive controls library to gain visibility into ERP / EHR access, compliance and configuration risks.
• Ability to apply mitigating controls to SoD violations and include them in reports.
• Build awareness among the management and process owners of the risks associated with having an ineffective system user authorization.
• Reduce the risk of fraud and error due to excessive user privileges.
• Improve the internal control system through better use of the opportunities offered by utilized IT systems.
• Improve business processes through a better use of available system tools and eliminating unnecessary manual controls.
• Improve utilization of available resources (eg, a license to use the ERP system).
• Addressing the issues of lack of adequate segregation of duties raised by the auditors, contractors, regulators and other stakeholders.