Segregation of Duties (SoD) conflicts can have major financial implications for organizations, for example, due to fraud. A SoD conflict arises when a single user is authorized for a combination of specific critical business processes. For example, a SoD conflict exists, if the same user can create new vendors and also release payments to vendors. Such a conflict enables the potential for fraud and other compliance issues. That’s why many large organizations leverage so-called Governance, Risk & Compliance (GRC) solutions to identify and mitigate SoD conflicts.
While Xiting is not a competitor in the GRC market, the company has developed integrations with Access Control, SAP’s GRC solutions, enabling role administrators to identify and mitigate SoD conflicts already during the role design phase. The advantage of being able to identify potential conflicts before committing to role changes is that it is less effort to mitigate those risks before they materialize in the production landscape.
Additionally, Xiting also delivers rulesets containing critical authorizations and combinations thereof to small- and medium-sized customers for which deploying a full-fledged GRC solution would be overkill. Xiting’s SoD analytics engine is available in Xiting Role Profiler and Xiting Role Designer, part of the Xiting Authorizations Management Suite (XAMS).