Having bullet-proof Segregation of Duties Risk definitions is a tough task and a balancing act: on one hand SoD Rules should be complete covering all possible transactions (including custom one!) per business function. On the other hand addressing low risk areas with very detailed risk rules can cause a lot of unnecessary efforts and make the risk mitigation process cumbersome. The Challenge can further increase if your business processes are distributed among various ERP systems.
SAP delivers Out of the box SoD Risk rules as a part of SAP Access Control which can be a good starting point. Having SoD Rules customized and making them fit your specific business processes and compliance requirements is highly recommended and can save a lot of unnecessary efforts.
Service: depending on where you are in your SoD journey we can help you to establish new or optimize existing SoD Risk Rules set. We make sure that your SoD rules fit your compliance requirements (SOX, GDPR, Antifraud etc.), business processes and applications.