What is Segregation of Duties or Separation of Duties as it’s sometimes known as? It is an internal control designed to prevent fraud and error. It’s an elementary component of any internal control system. The control ensures that more than one person is required to complete the various tasks required to complete a business process. It’s an important control in order to achieve an effective risk management strategy. Implementing segregation of duties helps to deter errors and irregularities.
In other words, no one person should be responsible for any task. For example, one person can place an order but another must record the transaction. We can say that Segregation of Duties controls implement an appropriate level of checks and balances upon the activities of individuals.
In an idealistic situation, more than one person should manage a function. An employee with multiple functional roles within an organisation can abuse the power they are given hence the need for SOD controls. No organisation should underestimate the importance of SOD.
Some common Segregation of Duties include:
Entering a journal entry and approving a journal entry.
Opening envelopes containing checks and recoding the checks in the accounting system.
What do Segregation of Duties (Separation of Duties) Controls prevent?
Segregation of Duties controls help reduce the potential damage from the actions of one person. It is much more difficult to commit fraud if more than one person is completing a task. Enforcing SOD is an important control to achieve an effective risk management strategy.
“All major audit firms are now testing SoD controls and holding executives accountable for successful risk remediation, in response to the to control-driven regulations worldwide”, states Jane Jones, Global Channels Director here at SafePaaS.
She also adds that, “SoD is a basic internal control that ensure no single individual has the authority to execute two or more conflicting sensitive transactions with the potential to impact financial statements. However, without comprehensive SoD polices and advanced analytics that detect violations across thousands of application access points, SoD control implementation, testing, remediation and mitigation can be extremely difficult to achieve.”
Implement effective SOD controls
It can be extremely difficult and costly to implement effective SOD controls in an ERP system but SOD is the most effective way to prevent internal fraud within your ERP system. A lack of segregation of duties is a significant contributing factor in occurrences of fraud. It is critical to achieve effective internal control.
Read about the SafePaaS Segregation of Duty Solution. Rapid and reliable segregation of duty risk reporting.