Minority View: Is Accepting SOD Violations in Security Roles Ever Justified?

An important policy issue with strong corporate governance implications in SAP-enabled enterprises is whether to permit the design of security roles containing embedded Segregation of Duties (SOD) violations. SAP best practice clearly recommends against it, and most companies prohibit the practice, believing it signals a lack of control. This paper agrees that SAP best practice [...]