How do you manage Segregation of duties (SOD) ?

yermakoff
Kilo Contributor

‎08-14-2018 04:24 AM

Hi all,

Looking to see if anyone had to deal with managing segregation of duties to meet auditors information security key controls.

Found similar question was asked about a year ago.

Refreshing just in case someone able to share their best practices.

Many thanks,
Vadim

 

Labels:
0 Helpfuls
  • 3,395 Views
2 REPLIES 2

Brad Tilton
ServiceNow Employee
ServiceNow Employee

‎08-14-2018 06:01 AM

In terms of development segregation, my favorite setup is giving developers the admin role in dev/test, and then a couple of different admins the admin role in prod. That way developers are not moving and committing their own update sets.

To segregate further you might even look into delegated development.

yermakoff
Kilo Contributor
In response to Brad Tilton

‎08-15-2018 04:40 AM

Thanks Brad

0 Helpfuls