London (PRWEB UK) 22 October 2016
Segregation of Duties (SoD), sometimes referred to as the ‘four eyes principle’ been around as a basic, but effective, financial control for longer than anyone can remember. So why are not all organizations successful in managing SoD policies, processes and compliance?
Some organizations still rely on an "I hope so" attitude to segregation of duties risk, hoping that organisational, job based segregation will suffice. Others have invested heavily in a SoD process and technology that is heavily focussed at a dominant ERP system, but not necessarily the end-to-end process.
“Despite, or maybe because of, the “white heat” of attention and investment in internal controls in the wake of the accounting scandals of the last decade and the ‘SOX Years’, many organisations are still not systematically addressing some of the foundation risks in source to payment, customer to cash, inventory management, and financial accounting and reporting, There are a number of reasons we can observe for this, but it is always timely to review the changing face of risk, opportunities for improvement and new techniques for cost effective management of the organisation’s assets and cash” – Dan French, Founder and CEO at Consider Solutions. . .
The ACFE estimates the average company loses the equivalent of 5% of its revenues to fraud, waste and error. And there is no evidence of this reducing any time soon. In many respects, the situation is getting worse due to the growing awareness of the weaknesses and lack of oversight of corporate business processes, the anonymity provided by systems and technology and creativity of a malfeasant minority. These are legitimate concerns within every organization, as controls struggle to keep up with the pace of change in processes and systems.
The most effective, but basic, anti-fraud, waste and error control is managing the risks related to segregation of duties (SoD). This ‘four eyes’ principle applies to all critical combinations of activities that are required to request and authorize financial transactions, purchases, credits and payments, access and maintain records for cash, valuable equipment or inventory, or reconcile accounting records.
SoD vulnerabilities often occur due to over-confidence in three areas; in the trustworthiness of employees and contract staff, in the hope that job role segregation will suffice and in the effectiveness of automated accounting and ERP systems and controls, such as system access rights. Lack of awareness of complexity is a cause for concern and can result in a strategy that largely depends on hope!
Many organisations have been deterred from addressing SoD in a systematic way due to a concern over costs and benefits of such approaches. The single biggest catalyst for addressing the issue is typically a fraud event or an external audit finding of insufficient and ineffective control. But by the time these events occur, the damage has been done.
The opportunity for better governance and control now exists for every organisation, large and small and every type of ERP-suite from SAP, Oracle, Infor, Microsoft or Sage, or the smaller industry specific ERPs such as Workday, Workforce Software, Cornerstone, NetSuite and Unit4, M3 (MOVEX), S3, LX (BPCS), LN (BAAN), SmartSuite, Navision, Axapta, Agresso, purpose built applications or a combination of the above. The tools and techniques described in the webcast are applicable to all flavours of accounting and ERP Systems.
Topics of discussion include the changing nature of risk, case studies and debacles involving Segregation of Duties issues, how to implement an effective SoD process and governance framework, and a lightweight approach to automating continuous SoD monitoring, as well as a chance for Q&A with the panelists.
This event will take place on Thursday 3rd November. This webcast will particularly appeal to those involved in financial, process, audit and IT management responsible for risk, control and good governance.