Skip to main content

Create SoD matrix

Description

The segregation of duties (SoD) is a fundamental element of internal controls, defined to prevent error and fraud. Segregation of duties ensures that at least two individuals are responsible for the separate parts of any task.

You can find additional information by visiting the Segregation of Duties page.

Step-by-step

1. First, you must select the Create SoD matrix and click the OK button.

image-1676992791359.png

2. Once you click the OK button, Soffid will browse to the Segregation of Duties page in order to add a new  SoD

image-1677072359690.png

3. Finally you must save or Apply changes to save the SoD.

image-1677499985787.png

Standard attributes

  • Name: name of the segregation separation of duties
  • Information System: asset or application, from a functional point of view, on which the permissions are granted or revoked.
  • Type: type of segregation 
    • Trigger on all permissions: no user can be assigned the roles added to the role list.
    • Trigger on some permissions: if you select that option, you have to fill in the number of roles that can not match. Soffid will not allow you to assign to a user more than the number indicated of the roles added to the role list.
    • Query permissions matrix: Soffid displays a matrix that allows you to select the risk between pairs of roles, those roles are the roles added to the role list.
  • Risk: level of risk:
    • Low.
    • High.
    • Forbidden:  it is not allowed that one user to have assigned the roles defined on the role list.
    • None: there is no risk.
  • Role List: list of roles to keep in mind on the segregation of duties.