A solution to automate Segregation of Duties controls
An EY report shows a blockchain-based solution can help organizations solve control compliance and efficiency challenges related to traditional Segregation of Duties (SoD) policies, while accelerating adoption and implementation of agile software delivery.
SoD policies were defined over a decade ago in accordance with a waterfall software development approach. They were implemented in response to control-driven regulations worldwide, so that one person alone cannot introduce a technology change in an organization. As such, these policies have imposed physical separation of environments and teams along all stages of the waterfall delivery process, causing slower delivery times and adding unnecessary overhead.
“SoD policies present challenges to an organization’s ability to adopt continuous delivery processes, commonly called DevOps,” says Voya Vojinovic, Executive Director, Architecture and Emerging Technology Advisory at EY Canada. “Implementing delivery controls on blockchain technology can help organizations accelerate their adoption and enable a more effective approach to control compliance in DevOps environments.”
To overcome transformation challenges, EY’s report suggests a practical, risk-based approach to managing controls in DevOps environments based on blockchain technology. Introducing blockchain technology can allow transparent and auditable oversight of delivery across the enterprise, while accelerating an organization’s transition from waterfall to agile delivery.
“Simply put, blockchain is a distributed infrastructure technology that works collaboratively, and enables decentralized exchange of trusted data,” says Abhishek Sinha, Partner, Financial Services Advisory at EY Canada. “It leverages cryptography, peer-to-peer network and game theory allowing participants to perform transactions and exchange data in a secure and trusted manner without the need for a central authority.”
In today’s highly regulated environment, two inherent characteristics of blockchain are highly valuable for SoD transformation:
- Transparency: Blockchain is a trusted data source where transaction records, once created and confirmed, cannot be altered or removed from the ledger.
- Efficiency: Breaking down segregation barriers and automating delivery controls on blockchain can help increase efficiency and speed up software development.
“To stay competitive, companies have to keep up with the pace of business modernization, while continuing to meet regulatory requirements,” says Vojinovic. “They need to continue to strive for simplicity and precision in the execution of their delivery controls. Following current internal directives can be a costly mistake that hinders the benefits of agile delivery and slows down implementation of DevOps.”
For more information, read EY’s full Blockchain in DevOpps report.
– 30 –
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.
EY is proudly celebrating 150 years in Canada. For more information, please visit ey.com/ca. Follow us on Twitter @EYCanada.
EY refers to the global organization and may refer to one or more of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.