Segregation of Duties Report overview

The Segregation of Duties (SOD) report is a tool that you can use to identify which actor, role, or security classes have access to specific actions in a Business Class or Business Task. This report supports audit reviews and proactive SOD risk detection to ensure that conflicts do not exist across Landmark applications.

Note: Some industries and companies use the term Separation of Duties instead of Segregation of Duties.

You can use the Segregation of Duties report to answer questions such as:

Which roles include access to the Payroll application?
Which Payroll users can change salary for other users?
Which users have access to set up vendors and create invoices?

To run an SOD report analysis, you must have the AdministratorConsoleAccess_ST security class assigned to one of your roles.

This table shows the key concepts you must know when running SOD analysis report:


Concept	Description
SOD template	A saved template that defines the users or roles to evaluate and the access combinations to check for conflicts. Templates are stored per data area. You can organize these templates by using a template type, specifying a priority, and configuring excluded roles.
SOD object type	A securable object type to check when running SOD analysis report. Options include Business Class or Business Task. Multiple object types are combined by using the AND or OR operator.
Run By or Filter by	Defines the subject of analysis through these options: Actor: Evaluates a specific actor or all actors. When evaluating all actors, only enabled actors with a primary SSOPV2 identity are evaluated. Role: Evaluates access granted by role definitions. Security Class: Evaluates rules at the security class level, focusing analysis directly on rule-level access.