Talking of effective risk and compliance programs, one of the things that makes for such an integral part of it is that of Segregation of Duties, SoD. Basically, SoD sees the separation of the persons who are tasked with the execution of different steps of the business transactions in an effort to reduce the risk of frauds and errors.
Looking at the role of SAP when we come to matters finance, we come to acknowledge the fact that SoD is such an integral responsibility for the SAP administrators and any other person who may be responsible for the aligning of SAP with the GRC.
Coming to an understanding of SoD, segregation of duties, it would be advisable that you first get to understand some bit of how businesses handle their income and expense transactions. Naturally as it happens in any system, when it comes to spending, it is a fact that there will always be a series of steps that must be followed before any monies are disbursed in an organization. Generally, this always begins with a business manager drafting a purchase order and this PO details how much a supplier of goods or services is to be paid for the service that they rendered. In order for the payment to be finally made, the purchasing department will then have to approve the vendor. And the purchase order will have to be approved by a senior manager. Then the vendor will have to provide an invoice for the services or products that they supplied for them to be finally paid. This invoice will then have to be approved by an accounts department personnel for payment then the check will be signed.
By and large, looking at the above described process for the approval of payments in an organization, you get to appreciate the fact that SoD is such a core control over financial reporting. By and large, in the event that there is no SoD, there is the odd chance that the financial reports generated may well offer some kind of invalid information. By and large, segregation of duties is seen to be such a key part and component for the need to have in place such a sure and sound internal control system and structure. Read on for more on the challenges in SAP environments and how to resolve the various SoD conflicts.