Role Mining And Sod Conflict Detection Continuous Control Monitoring
Description
Monitor key control points for role mining and SoD conflict detection; flag missing approvals, SoD conflicts, late postings, or incomplete evidence before month-end close. The MVP would connect ICAM, SailPoint, MyAuth, ERP roles, audit logs, control catalogs, system access reviews and produce read-only recommendations for DoD CIO, Component CIO/FM, System owners, OUSD(C).
AI / analytics pattern
process mining + rules + ML
Automation level / stage
continuous assurance
Expected benefit
More timely control issue detection, reduced repeat findings, stronger ongoing assurance.
Audit / financial statement impact
Control environment; reliability of financial systems and reports
Controls / human review
Human approval required before posting, payment, denial, personnel action, or official audit response; model validation; drift monitoring; exception sampling; full prompt/data/output logging.
Data needed
ICAM, SailPoint, MyAuth, ERP roles, audit logs, control catalogs, system access reviews; master/reference data; audit logs; policy/control requirements; prior exceptions; relevant document evidence.
Possible metrics
control exceptions detected before close; SoD conflicts remediated; repeat findings reduced
MVP scope
Start with one Component/reporting entity and one subprocess (role mining and SoD conflict detection) for two close/audit cycles; read-only outputs first.
Related material weakness / control objective
Systems control environment and IT access controls