Overview

Segregation of Duties (SoD) is a fundamental internal control designed to prevent any single individual from having enough power to complete a sensitive process from start to finish without oversight. It is a key requirement for many compliance frameworks (e.g., SOX, PCI DSS).

Examples

  • The person who requests a purchase should not be the same person who approves it.
  • The developer who writes code should not be the same person who deploys it to production.
  • The person who manages security logs should not be the same person who has administrative access to the systems being logged.
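To make the three conflicts above checkable against actual access assignments, here is an added example (not part of the original page) that encodes them as conflicting duty pairs and flags any user whose combined roles grant both sides of a pair; the duty labels, role names and user roster are assumptions constructed for illustration.

```python
"""SoD conflict checker: flags users who hold both sides of a conflicting duty pair.

Added example, not from the original page. Duty labels mirror the page's three
examples; roles and the user roster are constructed sample data.
"""

# Conflicting duty pairs, one per example on the page (labels are assumptions).
CONFLICTS = [
    ("purchase.request", "purchase.approve"),
    ("code.write", "code.deploy_prod"),
    ("logs.manage", "system.admin"),
]

# Role -> duties it grants (roles are assumed for illustration).
ROLE_DUTIES = {
    "buyer": {"purchase.request"},
    "finance_manager": {"purchase.approve"},
    "developer": {"code.write"},
    "release_engineer": {"code.deploy_prod"},
    "siem_operator": {"logs.manage"},
    "sysadmin": {"system.admin"},
}

# Constructed sample roster: user -> roles held.
USER_ROLES = {
    "alice": {"buyer"},
    "bob": {"developer", "release_engineer"},  # writes code and deploys it
    "carol": {"siem_operator"},
    "dave": {"sysadmin", "siem_operator"},     # admin on the systems he logs
    "erin": {"buyer", "finance_manager"},      # requests and approves purchases
}


def effective_duties(user, user_roles=USER_ROLES, role_duties=ROLE_DUTIES):
    """Union of duties over every role the user holds; unknown roles grant nothing."""
    duties = set()
    for role in user_roles.get(user, ()):
        duties |= role_duties.get(role, set())
    return duties


def find_violations(user_roles=USER_ROLES, role_duties=ROLE_DUTIES, conflicts=CONFLICTS):
    """Return {user: [(duty_a, duty_b), ...]} for users holding both duties of a conflict."""
    violations = {}
    for user in sorted(user_roles):
        duties = effective_duties(user, user_roles, role_duties)
        hits = [pair for pair in conflicts if set(pair) <= duties]
        if hits:
            violations[user] = hits
    return violations


if __name__ == "__main__":
    for user, pairs in find_violations().items():
        print(f"{user}: {pairs}")
```

Because duties are unioned across roles, the check catches a conflict whether a single over-broad role grants both duties or two individually reasonable roles combine to do so, which is the case auditors most often find.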

Benefits

  • Reduces the risk of internal fraud and malicious activity.
  • Minimizes the impact of human error.
  • Improves accountability and auditability.