True System Based SOX Controls

Wondering if anyone has found a way to set up Epicor so you can have true system based controls without mitigating manual controls?

As far as I know, there is no way to actually do this. The second you give a user Security Manager access, you need mitigating manual controls to ensure that they are not transacting inappropriately.

Please, someone prove me wrong!

To the best of my knowledge, you are correct. The “Security Manager” flag on User Account Security Maintenance overrules most menu security settings and therefore takes real work to undermine the overruling. It has been ever thus.