Skip to main content
Solved

Segregation of Duties (SoD) - in IFS Cloud

  • May 1, 2024
  • 5 replies
  • 539 views
N
Do Gooder (Employee)
Forum|alt.badge.img+2

Could you please share any documentaion on best practices for Segregation of  duties (SOD)  in cloud and the features IFS have in this area

Best answer by Kasun Balasooriya

@NICOAU ,

Please Refer the following link:

Segregation of Duties Analysis - Technical Documentation For IFS Cloud

 

As noted in the documentation,

The Segregation of Duties analysis is a tool to analyze how well the security is setup separating the duties between users. The analysis shows any inappropriate user access and identifies which users that have access to specific functions in the system.

 

You may use this tool as noted in the documentation to identify and resolve the SOD conflicts. 

 

For details on setting up Functional areas for SOD including Setting up Functional Area Conflicts, please refer the following documentation link:

Functional Areas - Technical Documentation For IFS Cloud

 

Thanks,

Kasun

5 replies

Kasun Balasooriya
Superhero (Employee)
Forum|alt.badge.img+20

@NICOAU ,

Please Refer the following link:

Segregation of Duties Analysis - Technical Documentation For IFS Cloud

 

As noted in the documentation,

The Segregation of Duties analysis is a tool to analyze how well the security is setup separating the duties between users. The analysis shows any inappropriate user access and identifies which users that have access to specific functions in the system.

 

You may use this tool as noted in the documentation to identify and resolve the SOD conflicts. 

 

For details on setting up Functional areas for SOD including Setting up Functional Area Conflicts, please refer the following documentation link:

Functional Areas - Technical Documentation For IFS Cloud

 

Thanks,

Kasun

Kasun B - https://www.linkedin.com/in/kasunbalasooriya/
N
Do Gooder (Employee)
Forum|alt.badge.img+2
  • NICOAU
  • Author
  • Do Gooder (Employee)
  • May 14, 2024

Thank you so much for this Karun,, very helpful

    DNVMDEL
    Sidekick (Customer)
    Forum|alt.badge.img+6
    • DNVMDEL
    • Sidekick (Customer)
    • September 27, 2025

    @NICOAU 

    @Kasun Balasooriya 

    Have you already set this up? I was experimenting with it, but the setup seems at Projection level where I can’t determine that I only consider it a conflict if there are Writing Rights/FULL/CUSTOM? If ReadOnly I would not consider it a conflict.

     

    Maxime Deleye - Denys - IFS Application Manager
    P
    Do Gooder (Customer)
    Forum|alt.badge.img+7
    • pshields
    • Do Gooder (Customer)
    • March 11, 2026

    We are on 24.2 and would consider the SOD within IFS to be worthless. I cannot separate out read only access from create/modify. We allow a great deal of view only access so I cannot use view access as a conflict.

      S
      Hero (Customer)
      Forum|alt.badge.img+12
      • SimonTestard
      • Hero (Customer)
      • March 17, 2026

      SOD Works pretty well for specifically Projection and Entity Actions but indeed is not super useful for Entity CUD Actions meaning being able to segregate read/write from an entity.

       

      Basically like these:

       

       

       

      You can easily create conflicts based on whether a user has got access to entity action “Activate” or “Apply Bid” for instance, but it doesn’t look like you can make it check for simple CUD entity action grant.

       

      So indeed SOD doesn’t seem super practical if you want to highlight cases where Write access would be considered an SOD breach, but Read only would not be.

      Terms & ConditionsCookie settingsAccessibility statement