This report begins with a review of segregation of duties (SoD) and sensitive access (SA) controls, and the reasons why both subjects are often misunderstood by the audit and compliance community. It then offers an 11-step method for assessing business processes to find gaps where SoD and SA controls are necessary, establishing those controls, testing them for effectiveness, and documenting the process for outside review. The book includes (as appendices) several Excel spreadsheets giving examples of SoD and SA rules, and of capability listings to help assess control risks in key business processes.