Thursday, April 06, 2006
Segregation of Duties
Most financial processes don’t operate inside a vacuum of a single financial system or perfectly defined roles that eliminate all segregation of duties conflicts. Real world compliance demands a complete, closed-loop control system that identifies SoD conflicts across multiple systems, quantifies control risk based on how (and if) a control weakness is exploited, monitors known risks where SoD conflicts cannot be eliminated and provides documented proof of control effectiveness.
Oversight Systems takes continuous controls monitoring to the next level by combining user access rights testing with its patented real-time transaction inspection. Preventive controls combine with real-time detective controls to provide best practices in corporate governance, compliance and risk management.
Until Oversight, companies had to choose between controls software that either tested a single ERP system for SoD conflicts or analyzed historical transactions for control violations. However, our patented software builds upon each of these first generation technologies to:
* Identify SoD conflicts across heterogeneous financial systems
* Analyze all historical transactions to determine if SoDs were ever violated
* Prioritize corrective actions based on actual risk of where SoD violations have occurred
* Implement automated mitigating controls where SoD conflicts cannot be eliminated
posted by Brian Moran @ 11:01 AM