| 1. | Click Security management. |
| 2. | Sub-task: Create rule. |
| 2.1 | Click the Segregation rules tab. |
| 2.2 | Click New. |
| 2.3 | In the Name field, type a value. |
| 2.4 | Select the first duty that is controlled by the rule. |
| In the First duty field, enter or select a value. | |
| 2.5 | Select the second duty that is controlled by the rule. |
| In the Second duty field, enter or select a value. | |
| 2.6 | Select the severity of the risk that occurs when the same user or role performs both duties. |
| In the Severity field, select an option. | |
| 2.7 | Enter a description of the security risk. |
| In the Security risk field, type a value. | |
| 2.8 | Enter a description of the actions that you take to mitigate the security risk. For example, you can mitigate the risk by conducting more detailed reviews of the process, by conducting a monthly managerial review, or by sharing resources with other departments. |
| In the Security mitigation field, type a value. | |
| 2.9 | Close the page. |
| 3. | Sub-task: Create rule for preselected duties. |
| 3.1 | Click the Duties tab. |
| 3.2 | In the list, find and select the first duty that is controlled by the rule. |
| 3.3 | In the list, find and select the second duty that is controlled by the rule. |
| 3.4 | Click Create SOD. |
| 3.5 | In the Name field, type a value. |
| 3.6 | Select the severity of the risk that occurs when the same user or role performs both duties. |
| In the Severity field, select an option. | |
| 3.7 | Enter a description of the security risk. |
| In the Security risk field, type a value. | |
| 3.8 | Enter a description of the actions that you take to mitigate the security risk. For example, you can mitigate the risk by conducting more detailed reviews of the process, by conducting a monthly managerial review, or by sharing resources with other departments. |
| In the Security mitigation field, type a value. | |
| 3.9 | Close the page. |
| Related to | Notes |
|---|---|
|
Manage segregation of duties |
