Segregation of duties rules (form)
Applies To: Microsoft Dynamics AX 2012 R3, Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012
Click System administration > Setup > Security > Segregation of duties > Segregation of duties rules.
Use this form to set up rules for segregation of duties. Create a rule when two duties must be performed by separate roles for better security or better compliance with policies and regulations. When two duties in the same role are in conflict, or when a user is assigned to two roles that contain conflicting duties, the conflict is logged. The security administrator must approve or reject each assignment that causes a conflict.
Task that uses this form
Navigating the form
The following tables provide descriptions for the controls in this form.
Buttons
Button |
Description |
|---|---|
New |
Create a new rule for segregation of duties. |
Delete |
Delete the selected rule. If you delete a rule for segregation of duties, any associated conflicts that are awaiting approval are also deleted. Conflicts that have already been approved or rejected are not deleted and remain available for auditing. |
Validate duties and roles |
Run the process that verifies whether existing security roles comply with the selected rule. You can validate only one rule at a time. The Infolog displays the results of the validation. If there is a conflict, you can double-click the message to open the Security roles form. When the form opens, the role is automatically selected. To verify whether existing role memberships comply with the rules, use the Verify compliance of user-role assignments with rules for segregation of duties form. |
Fields
Field |
Description |
|---|---|
First duty |
Select the first duty to include in the rule. A conflict is logged if an attempt is made to assign the first duty and the second duty to the same role, or to assign a user to two roles that contain the conflicting duties. |
Second duty |
Select the duty that must conflict with the first duty. A conflict is logged if an attempt is made to assign the first duty and the second duty to the same role, or to assign a user to two roles that contain the conflicting duties. |
Severity |
Select the severity of the security risk that occurs when the same user or role performs both duties. |
Security risk |
Enter a description of the security risk that occurs when the same user or role performs both duties. |
Security mitigation |
Enter information about how you can reduce the effect of the security risk. |
See also
Identify and resolve conflicts in segregation of duties
Verify compliance of user-role assignments with rules for segregation of duties (form)
Segregation of duties conflicts (form)
Announcements: To see known issues and recent fixes, use Issue search in Microsoft Dynamics Lifecycle Services (LCS).