Browse Definitions :
Definition

segregation of duties (SoD)

Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task.

SoD involves breaking down tasks that might reasonably be completed by a single individual into multiple tasks so that no one person is solely in control. Payroll management, for example, is an administrative area in which both fraud and error are risks. A common segregation of duties for payroll is to have one employee responsible for the accounting portion of the job and someone else responsible for signing the checks. 

Although it improves security, breaking tasks down into separate components can negatively impact business efficiency and increase costs, complexity and staffing requirements. For that reason, most organizations apply SoD to only the most vulnerable and the most mission critical elements of the business.

Segregation of duties is also known as separation of duties.

See also: four eyes principle, risk avoidance, corporate governance, accounting error, regulatory compliance, compliance burden

This was last updated in January 2014

Continue Reading About segregation of duties (SoD)

SearchCompliance
  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity
  • What is cyber hygiene and why is it important?

    Cyber hygiene, or cybersecurity hygiene, is a set of practices individuals and organizations perform regularly to maintain the ...

  • Pretty Good Privacy (PGP)

    Pretty Good Privacy or PGP was a popular program used to encrypt and decrypt email over the internet, as well as authenticate ...

  • email security

    Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
  • information lifecycle management (ILM)

    Information lifecycle management (ILM) is a comprehensive approach to managing an organization's data and associated metadata, ...

  • WORM (write once, read many)

    In computer media, write once, read many, or WORM, is a data storage technology that allows data to be written to a storage ...

  • direct access

    In computer storage, direct access is the process of reading and writing data on a storage device by going directly to where the ...

Close