<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=523033&amp;fmt=gif">

Segregation of Duties Made Easy

Analyze Access of Your Business Systems

The Fastpath Assure® Suite includes a module for Segregation of Duties (SoD). The SoD module analyzes access in your business software, by user or role, down to the lowest security level, and reports conflicts or risks associated with the access.

Segregation of duties is the practice of separating the access needed to perform a business process between multiple users in order to limit the risk of fraud, error, and misstatement. For example, take the process of paying vendors. You don’t want to give one person the capability of both creating and paying a vendor because you run the risk of the user creating and paying themselves as a vendor.

Developed in conjunction with internal and external auditors, Fastpath Assure is delivered with built-in audit intelligence to enable users to efficiently and effectively analyze their Microsoft Dynamics, Oracle, SAP, Intacct, NetSuite and other applications for potential segregation of duties conflicts. With Fastpath Assure, users can propose, approve, and implement resolutions and mitigations within the system throughout the audit process.

FEATURES:

  • Delivered with an extensive conflict rule set designed to identify potential conflicts for most ERPs
  • Analyze segregation of duties by user, role, or down to the lowest levels of access
  • Ability to conduct security access reviews
  • Review and sign-off on controls, mitigation, and user access within the solution
  • Export reports in multiple formats including PDF and Excel for distribution
  • Compatible with third party add-ons and custom functionality

 

 

Easily Find and Report SoD Conflicts in Your System

Businesses may understand the need for segregation of duties (SoD), but recognizing SoD conflicts in their system can be another story. This may result from an incomplete list of conflicts, an inability to easily pull access data, or an excessively complicated access model with dozens, hundreds, or even thousands of users and access points to review. Any of these issues can make SoD reviews inefficient, if not impossible.

The SoD module in Fastpath Assure comes with a conflict rule set designed by internal and external auditors and mapped to the specific business software used. The module can use the rule set to automatically review the user access and roles in your system for conflicts and report them in an easy-to-read and comprehensive report.

Conflict management 

Conflict management ×

Conflicts are Inevitable, Use Mitigating Controls

No matter the size of your business, conflicts will exist in your system. For smaller businesses, you may not have enough staff to sufficiently segregate duties. In larger businesses, you may have so many users that overlapping access and role capabilities may occur. In addition to increasing risk, conflicts create compliance problems. So, what do you do with the conflicts you cannot remove from your system? You mitigate them.

The Fastpath Assure SoD module helps in two ways, allowing mitigations to be recorded and providing audit reports for those mitigations. While not actively mitigating the conflict, this allows for the reporting of all mitigations in one place. When the auditor finds the conflicts, they are also given the mitigation in use, simplifying the audit process and providing accountability in your business.

As Your Company Grows, Conflicts Will Too

You’ve gone through your entire system, cleaned up your critical conflicts and mitigated your risks, but are you done? No! The inevitable growth and change in organizations creates new conflicts and risk. This is why regular access reviews are important.

With Fastpath Assure, the SoD module allows real-time review of roles and users to identify when an issue occurs. The module includes the ability to create reports and schedule them to be run regularly, so conflicts can be recognized and mitigated early and often.

Role Conflicts 

 ×

Take the Worry Out of SOX Audits

A primary concern for auditors is for organizations to have control of their financial system. When auditors check your system for SoD they are looking to identify conflicts, review the associated mitigating or compensating controls, and analyze which user signed-off on those mitigations. Prepping all of this information for your auditors can be extremely time-consuming and costly.

What if you could have this information prepped for you? With Fastpath Assure, the SoD module can continually track your system for SoD conflicts, mitigations can be logged, and reports can be scheduled for regular review. The reports can be sent out in multiple formats and sign-offs can be recorded for auditor review later. With these abilities, much of your audit prep can be completely automated.

Key Considerations When Selecting GRC Software | Fastpath GRC

Key Considerations When Selecting GRC Software

Sarbanes-Oxley regulations are complex, but there are ways to simplify it. In this short E-book, Norman Marks focuses on simplifying your controls and other considerations when choosing your GRC software.

Download the Paper

Innovation in User Experience for Automated Controls_2020_Award

GRC 2020's Innovation in User Experience Report

GRC 20/20 Research, LLC (GRC 20/20) provides clarity of insight into governance, risk management, and compliance (GRC) solutions and strategies through objective market research, benchmarking, training, and analysis. Read their report on Fastpath Assure®, the security and compliance platform which won their "Innovation in User Experience for Automated Controls" Award in 2017!

Get the report here!

Others_Template_Role Duty Matrix for D365-1

Dynamics 365FO Matrix


Building roles and implementing strong security in D365FO can be a daunting task, so we created a tool to assist in designing security roles for Dynamics 365 for Finance and Operations.

Get the Matrix!

Others_Template_Access Controls in SAP

Access Controls in SAP - The What and How of SAP Security

Whether you know the importance of access controls or not, implementing and maintaining them can still be a difficult part of your SAP security plan. The audit and security expert, Keith Goldschmidt, goes over what access controls are, how SAP handles them, how you should implement and maintain them, and even suggests some tools to make the process easier on you.

Download the Paper

RAPID INSTALL
AUDIT EXPERTS ON STAFF INCLUDING CIA, CISA, CPA & CRISC
SKILLFUL AND ATTENTIVE SERVICE & SUPPORT PROFESSIONALS
UNLIMITED USERS

Why You Should Use Object-Based Security Analysis

Attention to Detail With a risk-based audit approach, you can leverage your understanding of your own organization to define how you approach risk and compliance. No longer do you need to apply a “one size fits all” approach to appease your auditor – instead, you can choose to focus on what matters to you. When it comes to assessing access risk in your ... Read More

3 Reasons You Can’t Count on Spidering as an Audit Tool for NetSuite

There is a rumor floating around that could have very serious implications for your business. The claim is that “spidering”--a technology that takes an inventory of data on a given website at a specific point in time—is an effective way to continuously monitor changes to NetSuite environments. Unfortunately, this claim is dead wrong. In an informal poll across the Big 4 and Certified ... Read More

Fastpath Completes SOC 1 Type 2 Examination

Demonstrating Continued Quality and Integrity of the Fastpath Assure® Cloud Platform Des Moines, IA, November 27, 2018 - Fastpath, a leader in audit, security, and compliance software, announced today that it has successfully completed the Service Organization Control (SOC) 1 Type 2 ... Read More