A long-standing internal-control principle, and what it means when AI agents act inside SAP business processes.
Segregation of Duties (SoD), also called separation of duties, is one of the oldest and best-understood ideas in internal control. It is deeply familiar in SAP environments, where access governance is largely built around it. As AI agents begin to act inside the same business processes, the principle does not change — but it now has to be applied to non-human actors as well as people.
SoD is an internal-control principle that prevents any single actor from controlling conflicting steps of a process. ISACA frames the core concept as ensuring that no employee or group is in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties. In practice, business-critical duties are split across categories — typically authorisation, recording, custody of assets, and verification or reconciliation — so that the same actor does not hold an incompatible combination. The classic illustration is requiring two signatures on a cheque: the function is divided so that no one person can both initiate and approve the same transaction.
Because SAP is a system of record for finance, procurement, supply chain and HR, SoD is central to how access is designed there. Roles are constructed so that incompatible activities — for example creating a vendor and approving a payment to it, or raising a purchase request and authorising the resulting order — cannot be performed by the same user. Where duties genuinely cannot be separated, compensating controls such as independent review, reconciliation and audit trails are put in place instead. This discipline is long-standing and well documented in the internal-control and audit literature.
An AI agent acting in SAP can take or initiate actions inside these same processes. If it is not bound by the same SoD rules, it can become a path around them — combining steps that a human would be prevented from holding together, such as both recording and authorising a transaction on the same asset. The risk SoD exists to manage, that one actor can both cause and conceal an error or fraud, applies equally whether that actor is a person or an agent. So an agent's permitted actions must be assessed against the SoD model, not granted out of convenience.
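The check described above, assessing an agent's permitted actions against an SoD model and flagging a proposed action that would complete an incompatible pair, can be made concrete. The following is an added illustration, not TrustedAIGov code and not an SAP API; the action names, process names, duty categories and conflict matrix are constructed for the example (the vendor/payment and purchase-request/purchase-order pairs come from the text), and a real environment would take them from its own SoD ruleset.

```python
"""Toy SoD conflict check for an AI agent's permitted actions.

Added example, not TrustedAIGov or SAP code. ACTIONS and INCOMPATIBLE_DUTIES
are constructed for illustration; in practice they come from the SoD ruleset
already maintained for human users.
"""
from dataclasses import dataclass
from itertools import combinations

# Each action is tagged with the business process it belongs to and the duty
# category it represents: authorise, record, custody or verify.
ACTIONS = {
    "create_vendor":          ("procure_to_pay", "record"),
    "approve_payment":        ("procure_to_pay", "authorise"),
    "raise_purchase_request": ("procure_to_pay", "record"),
    "approve_purchase_order": ("procure_to_pay", "authorise"),
    "release_bank_payment":   ("procure_to_pay", "custody"),
    "post_journal_entry":     ("record_to_report", "record"),
    "reconcile_gl_account":   ("record_to_report", "verify"),
}

# Duty pairs that must not be held by the same actor within one process.
INCOMPATIBLE_DUTIES = {
    frozenset({"record", "authorise"}),
    frozenset({"record", "verify"}),
    frozenset({"record", "custody"}),
    frozenset({"authorise", "custody"}),
    frozenset({"custody", "verify"}),
}


@dataclass(frozen=True)
class Conflict:
    process: str
    action_a: str
    action_b: str


def sod_conflicts(held):
    """Return every incompatible action pair among the actions an actor holds.

    `held` is the set of actions the actor (human or agent) is permitted to
    perform or has already performed. Actions in different processes never
    conflict here; only an incompatible duty pair inside one process does.
    """
    unknown = sorted(a for a in held if a not in ACTIONS)
    if unknown:
        # An unmodelled action cannot be assessed, so refuse rather than
        # silently treat it as harmless.
        raise ValueError(f"actions not in the SoD model: {unknown}")
    found = []
    for a, b in combinations(sorted(held), 2):
        proc_a, duty_a = ACTIONS[a]
        proc_b, duty_b = ACTIONS[b]
        if proc_a == proc_b and frozenset({duty_a, duty_b}) in INCOMPATIBLE_DUTIES:
            found.append(Conflict(proc_a, a, b))
    return found


def would_breach(held, proposed):
    """Runtime check: the new conflicts that `proposed` would create.

    Returns an empty list when the proposed action is compatible with what the
    actor already holds, otherwise the conflicts it would introduce, so a
    runtime control can block or escalate the action.
    """
    before = set(sod_conflicts(held))
    after = set(sod_conflicts(set(held) | {proposed}))
    return sorted(after - before, key=lambda c: (c.process, c.action_a, c.action_b))


if __name__ == "__main__":
    # Constructed scenario: an agent that already created a vendor now
    # proposes to approve a payment to it.
    agent_actions = {"create_vendor", "raise_purchase_request"}
    for conflict in would_breach(agent_actions, "approve_payment"):
        print(f"SoD breach in {conflict.process}: "
              f"{conflict.action_a} + {conflict.action_b}")
```

The design point is that the agent is checked with the same matrix as a human user: the check takes a set of actions and a proposed action, so it can be applied to a role definition at provisioning time (`sod_conflicts`) and again to the actions an agent has actually taken at runtime (`would_breach`). Unknown actions raise rather than pass, because an action the model does not describe is exactly the kind of gap an agent could route through.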
The two disciplines line up naturally:
Approached this way, AI governance does not replace SoD; it extends it to cover a new kind of actor, keeping the control intent intact as AI moves deeper into SAP processes.
How TrustedAIGov helps. The Governance Platform records each SAP-connected agent as an accountable, owned actor with defined permitted actions, so its duties can be assessed against your existing SoD model, and Runtime Assurance can flag actions that would breach those constraints. The approach supports SoD practice and stays aligned with the accountability and control expectations in the OECD AI Principles, ISO/IEC 42001 and the NIST AI RMF.
Assess every agent's actions against your segregation-of-duties model — and enforce it.