Segregation of Duties for the Office of the CFO

Author: Lynn Fountain

A fundamental element of internal control is SOD, and the underlying idea is that no employee or group of employees should be in a position to both perpetrate and conceal errors or fraud in the normal course of their duties. The principal duties typically outlined as incompatible and which should be segregated are:
• Custody of assets
• Authorization or approval of related transactions affecting those assets
• Recording or reporting of related transactions

Traditional internal control relies on assigning certain responsibilities to different individuals or segregating incompatible functions. Several prominent documents highlight the principles of SOD requirements including: PCAOB AS5; AICPA Auditing Standard 99; SEC Guidance on Management requirements of internal control over financial reporting. This has resulted in some overly complex systems of internal control that become difficult to maintain and result in reduced focus on higher risk areas. This course will provide you with a better understanding of SOD along with ideas and best practices around managing SOD at your company.

It is imperative organizations take a fresh look at their SOD assignments and measure and prioritize risk areas impacted. With changing business processes along with businesses reliance on Information technology, the inability to maintain proper and efficient SOD can hamper an organizations ability to deliver service efficiently.

Publication Date: March 2019

Designed For
Accountants and Finance professionals, Internal auditors/Professionals considering the role of internal audit, Executive management/ Board members and Audit Committee members, and Legal and Compliance professionals.

Topics Covered

• SOD Criticality and Control Environment
• SOD and Fraud
• Roles related to SOD
• SOD In Processes
• SOD in Specific Processes
• SOD Procure to Pay
• SOD Disbursements/AP
• SOD Payroll
• SOD AR/Sales/Receipting
• SOD Treasury & Investments
• SOD Inventory
• Financial Statement Close
• SOD IT Processes
• Enforcing SOD

Learning Objectives

• Recognize criticality of SOD principles for finance, accounting and the office of the CFO when attesting to a positive control environment
• Describe the concept of SOD and fraud considerations
• Identify critical SOD for specific processes
• Recognize and apply procedures to enforce SOD
• Recognize which portion of the fraud triangle can be mitigated by segregation of duties
• Identify why it is difficult to have a standardized checklist for the segregation of duties
• Describe what is typically segregated in the procure to pay process
• Recognize which duty is typically performed by payroll in the payroll process
• Identify which process is acceptable to be performed by the same individual
• Recognize who is not responsible for the internal controls within the organization
• Describe how an organization needs for good internal controls
• Identify what software developers should not do for proper segregation duties

Level
Basic

Instructional Method
Self-Study

NASBA Field of Study
Business Management & Organization (2 hours)

Program Prerequisites
None

Advance Preparation
None