Certify SoD Policy
Turn periodic Segregation of Duties (SoD) policy reviews into a quick process that's easy for the approvers and satisfies the auditors.Internal auditors periodically review SoD policy definitions to certify that they are necessary and sufficient to support the SoD policies. They certify that any definition changes are authorized. That means SoD compliance reports can be trusted.
Certify SoD Policy (CSP) can eliminate administrative work usually required to distribute review materials, collect the decisions, and assemble the certification reports. CSP does it all online. External auditors can examine the documentation in the system and generate their own reports.You get process efficiency, audit accuracy, and continuous visibility.
There is no need for IT to filter SoD VM definitions for auditors and approvers to review. Or collect the approvers’ decisions. Or summarize the results.The entire process occurs within CSP, with audit progress and results available online for participants and stakeholders to view at any time. It's easy to repeat the process each year. SoD Violations Manager reports Segregation of Duties user access violations according to your conflict definitions. CSP is the way you ensure that the definitions are right for your enterprise and the SoD reports are meaningful.
Usage - Audit Managers
- Assign the definitions of revisions, function groups, function group conflicts, and function pair conflicts to individual approvers.
- Create named conflict definition audits for detailed review.
- Notify the approvers about audit launches and send reminders as needed.
Usage - Approvers
- Evaluate the risk of a user performing conflicting activities within EBS.
- Organize their work by policies and related functions, and to minimize the number of decisions necessary.
- Set the status of an SoD policy to approved, pending review, or disabled, and enter notes to document the review process and final decision.
- Upload related documentation files and link them to the SoD Policy audit.
- Dashboard graphs to monitor audit progress.
- Comprehensive interactive reporting for audit managers and approvers.
- Any type of file can be uploaded as documentation and viewed online within CSP.
- No need to extract data and distribute it to reviewers and approvers.
- Reduced preparation time and effort for external audits.
- Installation is fast and simple.
- No additional hardware or Oracle software to purchase.
- Verification that SoD business policies are accurately reflected in SoD Violations Manager’s conflict definitions, making SoD VM more reliable.
- Permanent record of all decisions about SoD policies.
- External auditors can easily review the internal review processes and the results.
- Extend User Visibility
- Revenue Visibility
- Self Service Provisioning
- GRC Certification
- GRC Auditing