segregation of duties key activities
TRANSCRIPT
Version 6.2.0 – 2019/04
ContentsPage Analytic Name
4 User creates a vendor and an invoice for this vendorSD Analytic 01
6 User creates a customer and an invoice for this customerSD Analytic 02
8 User creates a purchase order and receipts the goods or servicesSD Analytic 03
10User creates a credit memo for a customer and creates a refund for
the customerSD Analytic 04
12 User creates and approves the purchase orderSD Analytic 05
14 User creates general ledger account and posts journal entrySD Analytic 06
16 User amends vendor bank account number and pays vendorSD Analytic 07
18 User pays vendor and performs bank reconciliationSD Analytic 08
20 User adjusts selling prices and creates customer invoicesSD Analytic 09
22 User receives goods and adjusts the inventory levelsSD Analytic 10
24 User receives goods and writes off inventorySD Analytic 11
26 User receipts goods or services and creates invoiceSD Analytic 12
User Creates A Vendor And An
Invoice For This VendorSD_ANALYTIC_01_SDCS501
Identifies where a user creates a vendor and an invoice for this vendor
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 3
SD_ANALYTIC_01_SDCS501
ContextThere should be segregation
of duties between the person
creating a vendor and the
person creating invoices to
that vendor as this will ensure
the integrity of the vendor
master data is maintained.
RiskThe user could potentially create and ultimately pay fraudulent or fictitious vendors.
ProcedureIdentifies where a user creates a vendor and an invoice for this vendor.
Analytic LogicExtracts accounts payable and vendor data and analyzes processed activities to identify
where the same user has created a vendor and also created an invoice for this same vendor.
User Creates A Vendor And An Invoice For This Vendor
Output Results Field Names
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number
Output Visualization Examples
Document Type Date Amount in Document Currency
Vendor Name
Document Currency
Amount in Reporting Currency Report Currency Company Name Company Code
Summary of exceptions – user
creates a vendor and an
invoice for that vendor
Count of exceptions where
user created a vendor and an
invoice for that vendor
Page 4
User Creates A Customer And
An Invoice For This CustomerSD_ANALYTIC_02_SDCS503
Identifies where a user creates a customer and an invoice for this customer
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 5
| SD_ANALYTIC_02_SDCS503
RiskA user who is able to create customers should not be able to create a customer invoice for
that same customer as the details on the invoice could be amended to that of the employee to
ensure payment into their own account.
ProcedureIdentifies where a user creates a customer and an invoice for this customer.
Analytic LogicExtracts accounts receivable data and customer data, and analyzes processed activities to
identify where the same user has created the customer and also creates an invoice for the
same customer.
User Creates A Customer And An Invoice For This Customer
Output Results Field Names
Output Visualization Examples
ContextMaintaining customer master
data should be segregated
from customer related
transactions, such as
customer invoicing. This will
ensure valid and accurate
customer invoices issued.
Activity Description Activity Indicator Customer Number Customer Name User ID
Date Document Number Document Type Amount in Document Currency
User Full Name
Document Currency
Amount in Reporting Currency Report Currency Company Name Company Code
Heat map of amount exceptions of users
who create a customer and an invoice
Total amount of exceptions by user
and customer name
Page 6
User Creates A Purchase
Order & Receipts The Goods
Or ServicesSD_ANALYTIC_03_SDCS504
Identifies where a user creates a purchase order and receipts the goods or services
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 7
RiskA user who is able to create purchase orders and receipt those goods or services exposes a
risk that a user could be ordering such goods or services for their own benefit and without much
oversight.
ProcedureIdentifies where a user creates a purchase order and receipts the goods or services.
Analytic LogicExtracts purchase order and goods receipts data, and analyzes processed activities to identify
where the same user has created the purchase order and also receipted the goods or services
on that purchase order.
User Creates A Purchase Order & Receipts The Goods Or Services
ContextThe person ordering goods
should not be receiving the
goods. Adequate segregation
will allow for proper review
and approval of transactions
as well as preventing possible
fraudulent/incorrect orders.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number Document Line Number Line Description Material Number
Vendor Name Date
Amount in Document Currency
Document Currency Amount in Reporting Currency Report Currency Company Code Company Name
Heat map of total value by material and user
Total value of exceptions by material & user
Pie chart of total value of exceptions by material
Page 8
User Creates A Credit Memo
For A Customer And Creates A
Refund For The CustomerSD_ANALYTIC_04_SDCS506
Identifies where a user creates a credit memo for a customer and creates a refund for the
customer
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 9
SD_ANALYTIC_04_SDCS506
RiskA user who is able to create a credit memo should not also be able to create or force a refund
to the customer as this gives the user the ability to pay customers or themselves which may
not seem material at first, but could mount and also cause reputational risk.
ProcedureIdentifies where a user creates a credit memo for a customer and creates a refund for the
customer.
Analytic LogicExtracts accounts receivable data and analyzes processed activities to identify where the
same user has created a credit memo and also created a refund for the same customer.
User Creates A Credit Memo For A Customer And
Creates A Refund For The Customer
ContextAn employee should not be
able to request a customer
credit and process the refund.
This eliminates review and
approval of credit notes and
creates the opportunity for
incorrect/fraudulent credit
notes.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator Customer Number Customer Name User ID
Date Document Number Document Type Amount in Document Currency
User Full Name
Document Currency
Amount in Reporting Currency Report Currency Company Code Company Name
Heat map of total value
exceptions by customer and
user name
Total value of exceptions by
user name and activity
Page 10
User Creates And Approves
The Purchase OrderSD_ANALYTIC_05_SDCS510
Identifies where a user creates and approves the purchase order
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 11
SD_ANALYTIC_05_SDCS510
RiskThe user could commit the entity into unplanned and unknown purchases that would otherwise
not be approved and would need to be fulfilled.
ProcedureIdentifies where a user creates and approves the purchase order.
Analytic LogicExtracts purchase order data and analyzes processed activities to identify where the same
user has created the purchase order and also approved the same purchase order.
User Creates And Approves The Purchase Order
ContextCreation and approval of
purchase orders should be
segregated to ensure
accuracy and validity of the purchase order.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number Document Line Number
Vendor Name
Line Description Material Number Date
Amount in Document Currency Document Currency Amount in Reporting Currency Report Currency
Company Code Company Name
Heat map of total value
exceptions by user and vendor
Total value of exceptions by
user and activity description
Page 12
User Creates General Ledger
Account And Posts Journal
EntrySD_ANALYTIC_06_SDCS511
Identifies where a user creates general ledger account and posts journal entry
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 13
SD_ANALYTIC_06_SDCS511
RiskA user could be using newly created general ledger accounts to post one side of journals
intended to either overstate sales, create liabilities, affect bank balances or conceal reconciling
items or a wide range of transactions.
ProcedureIdentifies where a user creates a general ledger account and posts journal entry.
Analytic LogicExtracts general ledger data and analyzes processed activities to identify where the same
user has created a new general ledger account and also posted journal entries to the general
ledger account.
User Creates General Ledger Account And Posts Journal Entry
ContextThe responsibility for creating
general ledger accounts
should be separated from
posting journals to an
associated general ledger
account. This is to ensure the
accuracy and validity of
general ledger accounts as
well as any journal posted.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator GL Account Description User ID
Vendor ID Vendor Name Document NumberUser Full Name Date Amount in Document Currency
Amount in Reporting Currency Report Currency Company Code
Company Name
Document Currency
Pie chart of total value of
exceptions by GL account
Count of exceptions where user
creates general ledger and posts
entry
GL Account Number
Page 14
User Amends Vendor Bank
Account Number And Pays
VendorSD_ANALYTIC_07_SDCS502
Identifies where a user amends vendor bank account number and pays vendor
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 15
SD_ANALYTIC_07_SDCS502
ContextMaintaining vendor master
data should be segregated
from vendor related
transactions, such as vendor
payments. This will support
valid and accurate vendor
payments.
RiskA user who is able to pay vendors and amend a vendor’s bank account number could direct
payments to incorrect or their own bank accounts.
ProcedureIdentifies where a user amends the vendor bank account number and pays vendor.
Analytic LogicExtracts accounts payable and vendor data, and analyzes processed activities to identify where
the same user has amended a vendor's bank account number and also paid the same vendor.
User Amends Vendor Bank Account Number And Pays Vendor
Output Results Fields
Output Visualization Examples
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number Document Type Date Amount in Document Currency
Vendor Name
Document Currency
Amount in Reporting Currency Report Currency Company Name Company Code
Total value of exceptions
by user
Count of exceptions where user
amends vendor bank account and
pays vendor
Page 16
User Pays Vendor And
Performs Bank ReconciliationSD_ANALYTIC_08_SDCS507
Identifies where a user pays vendors and performs bank reconciliation
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 17
SD_ANALYTIC_08_SDCS507
RiskA user who is able to pay vendors should not be able to perform the bank reconciliation
function where one can further hide a fraudulent payment or process the transaction as
reconciled.
ProcedureIdentifies where a user pays vendors and performs bank reconciliation.
Analytic LogicExtracts accounts payable and bank reconciliation data and analyzes processed activities to
identify where the same user has paid a vendor and also performs the bank reconciliation.
User Pays Vendor And Performs Bank Reconciliation
Output Results Field Names
Output Visualization Examples
ContextAny person allowed to
perform payments should not
be able to perform the bank
reconciliation. This would
eliminate proper review and
creates the opportunity to
perform incorrect/invalid
payments. The bank
reconciliation may also be
manipulated to hide errors or
fraudulent activity.
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number Document Type Amount in Document Currency
Vendor Name
Document Currency
Amount in Reporting Currency Report Currency Company Code Company Name
Date
Heat map of total value exceptions by user
name and activity description
Total value of exceptions by
user
Page 18
User Adjusts Selling Prices And
Creates Customer InvoicesSD_ANALYTIC_09_SDCS505
Identifies where a user adjusts selling prices and creates customer invoices
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 19
| SD_ANALYTIC_09_SDCS505ar
RiskA user who is able to adjust selling prices should not be able to create a customer invoice with
those items because the user could be offering customers unapproved or loss-making prices
that ultimately affect profitability and reputation of the entity.
ProcedureIdentifies where a user adjusts selling prices and creates customer invoices.
Analytic LogicExtracts accounts receivable data and sales data and analyzes processed activities to identify
where the same user has adjusted the selling price and also created an invoice for a customer
for those sales items.
User Adjusts Selling Prices And Creates Customer Invoices
ContextThe person who creates
customer invoices should not
be allowed to amend sales
prices. This would eliminate
proper review and approval of
price changes and could
result in invalid/incorrect
invoicing.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator Customer Number Customer Name User ID
Date Document Number Document Type Amount in Document Currency
User Full Name
Document Currency
Amount in Reporting Currency Report Currency Company Code Company Name
Pie chart of total value of exceptions by user
name
Heat map of total value exceptions by customer and
user name
Total value of exceptions by customer and user
name
Page 20
User Receives Goods And
Adjusts The Inventory LevelsSD_ANALYTIC_10_SDCS508
Identifies where a user receives goods and adjusts the inventory levels
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 21
SD_ANALYTIC_10_SDCS508
RiskA user who is able to receive goods and adjust the inventory levels could misuse this ability to
misappropriate goods without detection.
ProcedureIdentifies where a user receives goods and adjusts the inventory levels.
Analytic LogicExtracts inventory data and analyzes processed activities to identify where the same user has
received goods and also adjusts inventory levels.
User Receives Goods And Adjusts The Inventory Levels
ContextAny form of change to
inventory levels should be
segregated from issuing good
received notes, i.e. receiving
of goods. Proper segregation
will allow for better review of
inventory transactions and
provide assurance regarding
the accuracy and validity of
inventory transactions and
the associated inventory
levels.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number Document Line Number Line Description
Vendor Name
Material Number Date
Amount in Document Currency Document Currency Amount in Reporting Currency Report Currency
Company CodeCompany Name
Pie chart of total value
exceptions by goods
description
Total value of exceptions by
user name and activity
description
Page 22
User Receives Goods & Writes
Off InventorySD_ANALYTIC_11_SDCS509
Identifies where a user receives goods and writes off inventory
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 23
| SD_ANALYTIC_11_SDCS509
RiskA user who is able to receive goods and also write off inventory could misuse this ability to
misappropriate goods without detection.
ProcedureIdentifies where a user receives goods and writes off inventory.
Analytic LogicExtracts inventory data and analyzes processed activities to identify where the same user has
received goods and also writes off inventory.
User Receives Goods & Writes Off Inventory
ContextAny form of change to
inventory levels should be
segregated from issuing good
received notes, i.e. receiving
of goods. Proper segregation
will allow for better review of
inventory transactions and
provide assurance regarding
the accuracy and validity of
inventory transactions and
the associated inventory
levels.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator User ID User Full Name Vendor ID
Document Number Document Line Number Line Description
Vendor Name
Material Number Date
Amount in Document Currency Document Currency Amount in Reporting Currency Report Currency
Company Code Company Name
Total value of exceptions by
material description
Total value of exceptions by
user and activity description
Page 24
User Receipts Goods Or
Services And Creates InvoiceSD_ANALYTIC_12_SDCS512
Identifies where a user receipts goods or services and creates invoice
ACCOUNTS PAYABLE
Essentials – Segregation of Duties Page 25
SD_ANALYTIC_12_SDCS512
RiskA user who is able to receipt goods or services and also create the invoice for these goods
and services poses a risk that the user could receipt the goods and services for personal use
and thereafter create the invoice which ordinarily would have had some level of external
review because accounts payable would vet the invoice before capturing.
ProcedureIdentifies where a user receipts goods or services and creates invoice.
Analytic LogicExtracts goods receipt data and accounts payable data and analyzes processed activities to
identify where the same user has receipted goods or services and also created the invoices
for these goods or services.
User Receipts Goods Or Services And Creates Invoice
ContextAdequate segregation of
duties is required between the
person receipting goods or
services and the person
responsible for capturing the
supplier invoice. This is to
ensure accuracy and validity
in the recording of goods and services received.
Output Results Field Names
Output Visualization Examples
Activity Description Activity Indicator User ID User Full Name
PO Invoice Ref Number Document Number
Vendor ID
Document Type Amount in Document Currency
Amount in Reporting Currency Report Currency Company Code
Vendor Name
Document Currency Company Name
Total value exceptions by user and
activity description
Heat map of total value
exception by user and vendor
Page 26