Advanced Search

Save Or Share This Report

For Security & Risk Professionals

Segregation Of Duties: A Building Block For Enterprise IT Controls

March 20, 2007

Authors

Why Read This Report

Organizations are increasingly focused on segregation of duty (SoD) controls, driven by the Sarbanes-Oxley Act of 2002 (SOX) and similar regulations. The increasing complexity and diversity of IT business applications require organizations to consider automated control solutions that may provide efficiency in review and enforcement of business application controls. But there is no perfect end-to-end fit regarding SoD controls, as there are many intricacies of IT applications in a heterogeneous environment. Enterprise IT organizations need to develop a strategy for SoD based on proactive and preventative controls and related procedures. Also, automated solutions for monitoring, detection, and prevention should be placed around the business applications and the enterprise IT architecture, recognizing that these solutions are still maturing and that multiple point solutions are required.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($499 USD).

Purchase

Table of Contents

  • Segregation Of Duties Is A Critical Controls Concept
  • Defining The Controls Universe
  • Use SoD As A Building Block For Enterprise Controls And GRC Strategies
  • RECOMMENDATIONS

  • Manage IT Control Risks With A Sustainable Solution Framework
  • WHAT IT MEANS

  • The Risk And Controls Context Is Moving Well Beyond SOX
  • Related Research Documents

Recommended Research