The Identity Blog

Gain Segregation of Duties (SoD) and Access Reviews in Coupa

What actions can risk managers start taking now?

If not already done, risk managers should start working with their teams, managers, and subject matter experts to identify the key, high-risk, high-level business activities across their organization that is relevant to SoD. For example, most organizations consider vendor master data to be a high-risk P2P area.

Along with setting up the critical configurations in accounts payable or procurement systems, whether SAP, Coupa, Oracle, etc., could be one area of focus. Then, go a bit deeper through the business process walkthroughs or scoping the assessments for identifying the more granular key areas of access risk. Begin with the highest-risk areas first and then work your way down.

A comprehensive audit solution

1Trooper provides a comprehensive audit solution to automate and simplify compliance for Coupa, an all-in-one platform for business spend management.

Who has access to your Coupa data? Whether you need to comply with regulations such as Sarbanes-Oxley (SOX) or simply need to maintain security, this question should be asked regularly. With us, you get an integrated control management, monitoring, and testing solution with access certifications, access reviews, and segregation of duties modules.

Reporting who has access to critical areas helps eliminate unauthorized or orphaned users. And by analyzing permissions against a powerful segregation of duties (SoD) ruleset, you can identify the risks that exist in Coupa.


  • Security access review and SoD analysis down to role, action, and controller level.
  • Audit report design and scheduling enable non-technical users to generate reports.
  • Security reports by user, organization, and role/action/controller.
  • Effortlessly download reports to Excel for analysis and distribution.
  • Repeatable automation ensures continuous compliance.

Segregation of duties analysis

  • Built-in SoD ruleset that is designed for Coupa by certified auditors.
  • Record and report conflict mitigations in the application.
  • The automated system reinforces continuous compliance.
  • Download reports to Excel for analysis and distribution.
  • Cross-platform integration for analyzing the risks across the systems on one dashboard.

Being a Software as a Service (SaaS) company, 1Trooper aims to deliver the best software solutions that seamlessly empower our clients for gaining control of their security, compliance, and risk management initiatives. We assist in the better handling of your audit, security, and compliance needs.

Write a comment