Clear Skye Separation of Duties (SoD) helps organizations proactively manage risk by preventing and detecting inappropriate access combinations. The solution provides a reusable framework for defining and enforcing SoD policies, including toxic combinations, toxic access, and required access patterns—all supported by a flexible policy lifecycle and actionable visibility.
Designed with compliance teams in mind, Clear Skye SoD simplifies oversight by offering version-controlled policy management, approval workflows, and real-time metrics. These capabilities make it easier to identify violations, enforce preventative controls, and maintain audit-ready records. As a result, compliance teams can respond faster, reduce manual effort, and ensure ongoing alignment with regulatory and internal standards.
Enforces Segregation of Duties to Prevent Fraud and Unauthorized Access
Simplifies Segregation-of-Duties Policy Creation with Business-Friendly Capabilities
Deploys Preventative and Detective Controls for Risk Management
Continuously Monitors Access to Detect Compliance Issues
Automates Customized Compliance Responses via ServiceNow Workflows
Enhances Operational Efficiency with Streamlined Policy Management
Supports Must-Have Permission Pairings for Comprehensive Risk Control
Integrates Seamlessly with Clear Skye IGA
Clear Skye SoD 1.0 is the initial release of a native ServiceNow separation-of-duties application which integrates with Clear Skye IGA.
Features in this initial release include:
Policy Framework
- Flexible and reusable architecture
- Shareable components: policies, plans, rulesets, rules, datasets, and controls
- Build rules using business-friendly datasets
Preventative Controls
- Cancel, stop, or modify IGA requests
- Add advice, exception, and mitigation texts
- Require exception to proceed
- Trigger actions: run script or subflow, set exception, cancel request
Detective Controls
- Enhance findings or mitigate risks
- Add advice, exception, and mitigation texts
- Request membership removal
- Trigger actions: run script or subflow, set exception
- Workspace Experience
Native environment for managing policies and findings
- Visualize and maintain policy architecture (policies, plans, rulesets, rules, datasets, and controls)
- Handle approval items and schedule scans
- View group-assigned findings with agent-style interface
- Access metrics across scans, policies, findings, and exceptions
Clear Skye SoD is a native ServiceNow application with no external system requirements.
Clear Skye IGA 5.3 or later is a required prerequisite for Clear Skye SoD.