Segregation of Duties (SoD)
Segregation of Duties (SoD) is a common requirement from auditors, which must be met. ProfileTailor SoD module is a single control point to enforce SoD rules on multiple platforms. It helps in eliminating Segregation of Duties conflicts and complying with SOX regulations easily and quickly. Using unique behavior-based user profiling methods,
Multi-system support from a single point
ProfileTailor SoD monitors multiple systems from a single point – allowing auditors and security managers to implement one SoD ruleset and enforce it on multiple applications simultaneously.
ProfileTailor SoD unifies all applications into one “language” so auditors and security managers do not have to try to understand each applications jargon. Additionally, changing, activating or deactivating rules can influence all systems together or only certain systems. Organizations can also create different rulesets for different systems to gain full control over their SoD compliance.
Quickly Identify Violations to SoD
In any good SoD project, speed is a factor. You need to identify the violations to SoD rules quickly in order to maintain a suitable level of satisfaction and maintain compliance. ProfileTailor Dynamics GRC generates many different types of reports and matrices, all of which serve to quickly identify violations and all of which can be downloaded into Excel for further analysis, or sent via scheduled periodic emails.
You will be able to identify SoD violations by authorization roles or by specific user. If a violation is pre-approved, you can create a remediation (mitigation) quickly so this violation will not appear again in the reports.
Rich ruleset, fully customizable
Ruleset maintenance is a focal point of any SoD module. ProfileTailor SoD includes various methods to create and maintain SoD rulesets easily and effectively, in order to maximize the level of control over Segregation of Duties.
Auditors can prepare a ruleset and upload it using a built-in mechanism and then maintain the rules inside the application. Alternatively, they can create rules in the application and then maintain, download and upload them to Excel sheets. Certain rules can be locked for editing while others can be opened, business units can edit their own ruleset while being able only to view the organization’s global ruleset.
Additionally, ProfileTailor SoD comes with a predefined ruleset that is ready for customization so organizations can be up and running almost immediately.
The ProfileTailor SoD module can be installed as an on-premise solution inside the organization’s data center, in order to give continuous protection, or can be used as cloud/SAAS installation as a continuous inspection solution. It can also be used in a single inspection mode in order to assess the organization’s situation and recommend immediate remedies.