# Segregation of Duties (SoD)

## Description

<p class="callout success">The segregation of duties (SoD) is a fundamental element of internal controls, defined to prevent error and fraud. Segregation of duties ensure that at least two individuals are responsible for the separate parts of any task.</p>

For each user, the roles tab displays the list of roles assigned to the user and the possible risks. If you click on a role record, Soffid will show the entitlement details including the SoD rules with the detail of the risk.

## Screen overview

[![image-1719395914312.png](https://bookstack.soffid.com/uploads/images/gallery/2024-06/scaled-1680-/image-1719395914312.png)](https://bookstack.soffid.com/uploads/images/gallery/2024-06/image-1719395914312.png)

[![image-1719395935325.png](https://bookstack.soffid.com/uploads/images/gallery/2024-06/scaled-1680-/image-1719395935325.png)](https://bookstack.soffid.com/uploads/images/gallery/2024-06/image-1719395935325.png)

## Related objects

1. [**Information Systems**](https://bookstack.soffid.com/books/soffid-3-reference-guide/page/information-systems "Information systems")
2. [**Roles**](https://bookstack.soffid.com/books/soffid-3-reference-guide/page/roles "Roles")

<div id="bkmrk-custom-attributes"><span style="color: #222222; font-size: 2.8275em; font-weight: 400;">Custom attributes</span>  
<svg class="svg-icon" data-icon="link" role="presentation" viewbox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"></svg></div>- **Name**: name of the segregation separation of duties
- **Information System**: asset or application, from a functional point of view, on which the permissions are granted or revoked.
- **Type**: type of segregation 
    - **Trigger on all permissions**: no user can be assigned the roles added to the role list.
    - **Trigger on some permissions**: if you select that option, you have to fill in the number of roles that can not match. Soffid will not allow you to assign to a user more than the number indicated of the roles added to the role list.
    - **Query permissions matrix**: Soffid displays a matrix that allows you to select the risk between pairs of roles, those roles are the roles added to the role list.
- **Risk**: level of risk: 
    - **Low**.
    - **High**.
    - **Forbidden**: it is not allowed that one user to have assigned the roles defined on the role list.
    - **None**: there is no risk.
- **Role List**: list of roles to keep in mind on the segregation of duties.

## Actions

#### Segregation of Duties query actions

<table border="1" id="bkmrk-query-allows-to-sear-0"><tbody><tr><td style="width: 177px;">**Query**

</td><td style="width: 632px;">Allows you to query Segregation of Duties through different search systems, [Basic and Advanced](https://bookstack.soffid.com/books/soffid-3-reference-guide/page/search-types "Search Types").

</td></tr><tr><td style="width: 177px;">**Add new**

</td><td style="width: 632px;">Allows you to add a new Segregation of Duties in the system. You can choose that option on the hamburger menu or click the add button (+).

To add a new Segregation of Duties it will be mandatory to fill in the required fields

</td></tr><tr><td style="width: 177px;">**Delete**

</td><td style="width: 632px;">Allows you to remove one or more Segregation of Duties by selecting one or more records and next clicking the button with the subtraction symbol (-).

To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.

</td></tr><tr><td style="width: 177px;">**Download CSV file**

</td><td style="width: 632px;">Allows you to download a CSV file with the basic Segregation of Duties data.

</td></tr></tbody></table>

#### Segregation of Duties detailed actions

<table border="1" id="bkmrk-apply-changes-allow-" style="height: 247px;"><tbody><tr style="height: 57px;"><td style="width: 159px; height: 57px;">**Apply changes**

</td><td style="width: 650px; height: 57px;">Allows you to save the data of a new role or to update the data of a specific role. To save the data it will be mandatory to fill in the required fields

</td></tr><tr style="height: 79px;"><td style="width: 159px; height: 79px;">**Delete**

</td><td style="width: 650px; height: 79px;">Allows you to delete a Segregation of Duties. You can choose that option on the trash icon.

To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.

</td></tr><tr style="height: 35px;"><td style="width: 159px; height: 35px;">**Undo**

</td><td style="width: 650px; height: 35px;">Allows you to quit without applying any changes.

</td></tr><tr style="height: 47px;"><td style="width: 159px; height: 47px;">**Add new role**</td><td style="width: 650px; height: 47px;">Allows you to add a new role to the Role list. You can add a role by clicking the add button (+), then Soffid will show a form to search and select one or more roles. Finally, you need to click the apply changes button and the roles will be added to the role list.</td></tr><tr style="height: 29px;"><td style="width: 159px; height: 29px;">**Delete role**</td><td style="width: 650px; height: 29px;">Allows you to delete one or more roles from the role list. You can select one or more roles and then click the button with the subtraction symbol (-). The roles will be deleted from the role list without Soffid asking for confirmation.

</td></tr></tbody></table>