It is an illusion that a company does not have segregation of duties conflicts or that zero conflicts can be achieved. Initial, Cleanup or Continuous Compliance states of your authorizations require SoD risks and conflicts being mapped with the controls of the internal control system if no further remediation of SoD conflicts is feasible. This reduces, i.e. mitigates, the risk resulting from remaining conflicts. You need to ensure further that mitigating controls are implemented, tested and/or assessed. While mapping the SoD risks and the ICS controls, you must ensure that the mitigating controls can really lower or avoid the risks.
Service: We are assisting you with the design of Mitigating Controls & Process to ensure that the mitigation of SoD Risks is mastering the next revision of internal or external audit.
Benefit: From the integration between SAP Access Control and ICS Management process supported by SAP Process Control. Ensure the ongoing compliance in your security-related processes.