Skip to content

Separation of Duties Overview

No one person should be able to do everything. Spreading responsibilities among users creates a system of checks and balances that minimizes risk, but in order to accomplish this, you need visibility into the access everyone in your organization has.

IdentityNow's Separation of Duties service, sometimes known as SoD, allows you to easily track violations to your internal policies and see where your greatest risks lie. Download reports of violations for remediation and maintain a clear view of your organization's access patterns, both as they are and as they should be.

Along with SoD policies, you can use general policies to help ensure data quality in your organization. General policies can track which identities don't have managers or department codes, preventing problems before they occur.


Separation of Duties helps you:

  • Provide an internal control to mitigate risk - Manage your exposure to hazards by correcting violations that surface.
  • Gain 360° visibility into where risk occurs - Leverage the breadth of your governance data to see your riskiest access and your riskiest combinations of access.
  • Be aware of violations, but allow exceptions - Confidently make decisions about which violations need to be corrected and which can be allowed.


Take control of separation of duties in your organization by establishing which access combinations create risk. Create two lists of access - identities in your org that have access within one list aren't allowed to have access within the other list. Generate reports to capture lists of identities for remediation. Use general policies to proactively discover data problems, and maintain complete visibility into your organization's data.

Documentation for Administrators

Configuring the Basics

IdentityNow Foundation Data

Get started in IdentityNow before you configure Separation of Duties.

Learn About Search Queries

Learn about the fields you can search on and the data they contain.

Constructing Policies

Create a Separation of Duties Policy

Use your internal company policies to create lists of conflicting access in IdentityNow.

Use a Search Query to Enforce Data Integrity

Create a search query to uncover data problems and take action to correct them.

Maintain Separation of Duties

Track and Respond to Policy Violations

Download a list of policy violations.

Get Notified About Violations

Receive an email when you have policy violations