This report begins with a review of segregation of duties and sensitive access controls, and reasons why both subjects are often misunderstood by the audit and compliance community. It then offers an 11-step method for assessing business processes to find gaps where SoD and SA controls are necessary, establishing those controls, testing them for effectiveness, and documenting the process for outside review. The book includes (as appendices) several Excel spreadsheets giving examples of SoD and SA rules, and of capability listings to help assess control risks in key business processes.
Thank you to all of our attendees at Compliance Week 2019!
"I always circle the Compliance Week conference on my calendar. It is the one event that draws experts in the field, as well as key regulators and government officials to discuss current and emerging issues."
-- CCO, Fortune 150 company
- Resource Library
- More navigation items