The Office of the Vice President, Chief Financial Officer, and Comptroller announces an open comment period for Policy 9.1.2 Segregation of Duties in Enterprise-wide Applications for Procurement and Tracking of Equipment from August 29 to September 12, 2023. This policy mitigates the risks of non-segregation of duties by prohibiting certain role combinations for enterprise-wide systems. Access to enterprise-wide applications by an employee with a prohibited role combination is only allowed after obtaining advance approval for an exception request.
- Identification of the role combinations prohibited from access to enterprise-applications.
- An exception request is required, including a risk mitigation plan and internal review procedures before an employee with a prohibited role combination may access enterprise-applications.
- Outlining the exception request submission process, which must be re-requested every two years.
NOTE: The Exception Request Form is not yet ready; the link will be provided when the policy goes live.
- If you have questions about the updates to policy, please contact the CFO Business and Finance Policy Office at firstname.lastname@example.org.