For Oracle® E-Business Suite

Streamline Segregation of Duties

Segregation of Duties reporting without the pain

CaoSysWhether you’re subject to Sarbanes-Oxley or not, auditors recommend Segregation of Duties (SoD) as the most effective way to reduce the risk of internal fraud.

But implementing effective SoD controls and reporting on violations in your Oracle E-Business Suite system is very challenging, often involving complex spreadsheets, manual cross-checking or off-the-box solutions.

Many SoD solutions involve analyzing an extract of your configuration data to report on SoD conflicts, but are unable to report on your live environment – so by the time you have performed the analysis, the information could already be out of date, with subsequently updated access rights causing new conflicts that go undetected.

CS*Comply is designed to solve these problems and empower you to take a much more proactive approach.

Keep your system clean with preventive and detective controls

Segregation of DutiesIt gives you an easy way to define your SoD rules within your Oracle E-Business Suite environment, by specifying pairs of functions (or function groups) that should not be accessible by the same user.

The Conflict Scanning Engine then analyzes your live access settings very rapidly and displays the results in a dashboard, ranking conflicts by the degree of risk they incur, so that you can prioritize further investigations.

Drill down facilities enable you to investigate conflicts by User, Responsibility, Function or Rule and the Remediation Toolkit greatly reduces the workload of removing existing conflicts.

To prevent unauthorized activity, if a user attempts to access a function that would cause an SoD violation, CS*Comply denies access, but allows the user to request permission to use the function.


  • Better SoD controls for a fraction of the effort
  • Build robust, proactive, manageable SoD controls into your live system
  • Prevents future SoD violations
  • Up-to-date SoD status information is available on demand
  • Keep your system clean with regular reporting
  • Reduces the workload needed to prepare for your audits and clean up afterwards
  • Quickly answer auditors' questions and produce the evidence they need
  • Affordable by organizations of all sizes


If you need a starting point, our pre-seeded rules, compiled by experienced auditors, can be adapted to your specific requirements. There are over 600 rules covering almost 20,000 Function based risks.

However many users, access combinations and rules you have, the scanning engine will detect all the SoD conflicts in your live system within minutes.

To cater for occasions such as temporary absence, where you need to waive a rule to allow someone to cover extra responsibilities, CS*Comply allows you to apply and document User Exceptions. These will not report as conflicts during the specified period.

When a user requests permission to access a denied function, the appropriate authorizer is automatically notified of the request, so that he/she can quickly grant or deny access as necessary. If appropriate, temporary access can be granted that will expire when the end date is reached.

Each conflict rule can be assigned a rank to denote its level of risk, and each rank can have notification groups assigned to them. If an access request is granted, all members of the relevant notification groups are informed to ensure that exceptions to rules are fully transparent.