Separation of duties (SoD) requires multiple people to complete sensitive transactions — no single person can both initiate and approve a wire transfer, deploy code and approve it, or both create and audit accounts.
SoD prevents insider fraud that requires both authorization steps. Finance: different people authorize and execute payments. IT: different people write and approve code deployments. Combined with dual control (two people must act together): absolute strongest control against insider threats.