Self-service Segregation of Duties controls

Self-service Segregation of Duties controls

Rapidly Remediate Segregation of Duties (SoD) risks with Role Owner Assignments

The new Segregation of duties Remediation Request Survey, now available in SafePaaS’ Enterprise Access Monitor (EAM) enables a unified, simplified, and, agile process that can be configured based on business needs making your segregation of duties process more self-sufficient. SafePaaS allows key members of the SoD compliance process to collaborate and communicate more easily, and on time.

You can now perform Segregation of Duties review and record corrective actions based on the business application roles assigned to SoD reviewers responsible for SoD risk remediation and mitigation or acceptance.

Flexible and Effective Remediation Process

Customers have the flexibility to configure the remediation process to their needs and requirements for effective access controls management. For example, you can decide that when incidents are reported from SafePaaS, they’ll be reviewed by IT security to ensure that SoD, data privacy, sensitive access policies, and other system configuration issues are evaluated before progressing to the next level of review or approval. IT Security can also mark exceptions for service accounts, look at the raw data, and clean it up. You can send violations to each manager or “role owner” for review.  

Simplified and Automated Service-Service Actions

We make reviewing thousands of users’ access easy in a self-service review process by giving role owners a simple screen to select multiple violations and quickly apply a control. We allow role owners to drill down and look at the elements of the conflict within and across roles, allowing you to see what business activities the role can perform.

This new functionality enables audit firms to ensure that the certification of access includes the certifier’s knowledge and that the certifier understands the role to the detail level, according to PCAOB guidelines. 

The workflow ensures that the work is distributed and performed self-service by the people with the best knowledge about the control and the role in your organization. But the request is also reviewed by a central team, typically Compliance, responsible for ensuring the controls operate effectively. 

Agile Workflow Management

Organizations are continuously looking to optimize and improve their operations through workflows. Workflows help streamline and automate business tasks, minimizing error and increasing overall efficiency. Workflow allows management to make faster, improved decisions and empowers employees to collaborate more productively, especially with hybrid and remote work models.

The enhanced workflow management system can help customers streamline IT governance controls, as well as improve the efficiency and productivity of the enterprise. The rule-based logic can handle mundane tasks, like sending follow-up email reminders, reassigning activities, and delegating authority.

Agile workflow management is now available for SafePaaS customers using the Enterprise Access Certification Management product. This game-changing capability eliminates the need to chase employees for documentation, which often, is the most time-consuming part of the certification process. You can ensure timely, accurate, and complete audit tracking progress every step of the way. 


The workflow allows for:

  • Termination of the active workflow at the top level
  • Reassignment of actions at the role owner level
  • Reminders of pending actions at the role owner level
  • Escalation of pending or past due actions to supervisor above the role owner
  • Delegation of future workflow action assignments

The post Self-service Segregation of Duties controls appeared first on SafePaaS.

*** This is a Security Bloggers Network syndicated blog from SafePaaS authored by Emma Kelly. Read the original post at: