The Segregation of Duties analysis is a tool to analyze how well the security is setup separating the duties between users. The analysis shows any inappropriate user access and identifies which users that have access to specific functions in the system.
The Segregation of Duties Analysis form shows all Functional Areas and which users that have access to different areas. It indicates if there are any conflicts with the user's security setup so that the segregation of duties is not respected. Click on View Segregation of Duties in folder Solution Manager/Administration/Security Administration to open this form.
The analysis can be viewed in two different view modes; Matrix and Data Grid. Both views shows the same information but in different ways.
The matrix shows the Functional Areas that each user has access to. This means that the user is granted access to a security object that is connected to the Functional Area. This is shown in the matrix as a green check mark. If the security setup for a user violates the segregation of duties i.e. the user has access to Functional Areas which are defined as conflicting areas, this is marked with X marks. A red X mark is shown if the conflict has severity Not Allowed and a yellow X mark is shown if severity is Warning.
To view the details about a conflict, click on the X mark to open a detail form. This shows which Functional Areas that are conflicting and which Permission Sets and security objects granted to the user that causes this conflict.
The data grid shows the same information as the matrix view, but has the standard table view functionality like grouping and filters.
A conflict is only information that the security setup violates the segregation of duties rules. It will not have any impact on the access rights for the user. There are several ways to handle a situation when a conflict is reported. In the matrix view, click on the conflict marker and in the data grid view select the conflicting record to see the details.