Segregation of Duties

Segregation of Duties (SOD) configuration enables you to control how the workflow and related functionality controls your SOD policies

Available SOD scenarios

Scenario 0 [default scenario]

Only relevant for Journal process.

The requester can be an approver

Approvers can appear at several levels – and an approval at one level is taken as an approval at all levels that the specific approver appears in. This can be seen  as approver “skipping” where if an approver can approve at several levels they approve only once.

Scenario 1

Requester cannot be an approver

Approvers cannot approve at more than one level. They are removed from higher levels automatically after they give their approval at a lower level.

As approvers cannot approve at more than one level – approver “skipping” is not relevant

Scenario 2

Requester can be an approver

Approvers can approve at several levels. No approver “skipping”. Effectively no SOD control

Available from SP25

Scenario 3

(Scenario is similar to Scenario 0 except requesters cannot be approvers)

The requester cannot be an approver

Approvers can appear at several levels – and an approval at one level is taken as an approval at all levels that the specific approver appears in. This can be seen  as approver “skipping” where if an approver can approve at several levels they approve only once.

Available from SP30 (journals) and SP39-2 (Dataflow)

Scenario 4

The requester cannot be an approver

Approvers can appear at several levels – but each approval must be manually carried out. There is no skipping. Therefor the same approver must access their inbox and approve repeatedly

Available from SP33

SOD Error Group

Sometimes an SOD issue will occur – for example an approver submits a request to which they are the only approver [ when SOD=1]. In this case rather than the workflow being prevented the workflow routes to  a separate  team – designated the SOD Error Group.

Actions the SOD Error Group user can take :

  • Reject the request
  • Forward the request to another approver
  • Approve the request

All actions are audited

Setup

In the Workflow Responsibility tool (see here) create group with APP_GROUP = PROMENTA_SOD_ERROR

Assign SOD users to this group.

Recommendation : the SOD users in this group should not appear in your regular approval matrix.

Configuration

The relevant scenario is activated by setting the following in the WORKFLOW_SCREEN_GROUPS section of the decision tree. 

RESULT       SOD_SCENARIO=<the scenario>

Promenta Use Only

PFAC should be 94800013

See FM /PROMENTA/WSFI_WF_CALC_APPGRP

Scroll to Top