What is segregation of duties (SoD)? - Definition from WhatIs.com


segregation of duties (SoD)

Part of the Security management glossary:

Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task. 

SoD involves breaking down tasks that might reasonably be completed by a single individual into multiple tasks so that no one person is solely in control. Payroll management, for example, is an administrative area in which both fraud and error are risks. A common segregation of duties for payroll is to have one employee responsible for the accounting portion of the job and someone else responsible for signing the checks. 

Although it improves security, breaking tasks down into separate components can negatively impact business efficiency and increase costs, complexity and staffing requirements. For that reason, most organizations apply SoD to only the most vulnerable and the most mission critical elements of the business.

Segregation of duties is also known as separation of duties.

See also: four eyes principle, risk avoidance, corporate governance, accounting error, regulatory compliance, compliance burden

This was last updated in January 2014
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms


  • access recertification

    - Access recertification is an information technology (IT) control that involves auditing user access rights to determine if they are correct and adhere to the organization’s internal policies and co... (WhatIs.com)

  • access governance (AG)

    - Access governance (AG) is an aspect of information technology (IT) security management that seeks to reduce the risks associated with excessive access rights, inactive users and orphan accounts. (WhatIs.com)

  • email spoofing

    - Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. (SearchSecurity.com)


  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About segregation of duties (SoD)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.