[sap-security] SAP Segregation of Duties for Small Companies
Posted by
Admin at
|
Share this post:
|
|
0 Comments
 | Posted by Reyhan Joshi on Aug 29 at 5:12 PM |
Hello Gurus,
I am currently trying to work on remediation of certain SoD violations at our company and wanted to know if there are some best practice or tried solutions.
Basically, the company is a medium-sized SAP shop with around 900 SAP users. Currently we have US and Canada on SAP and soon Mexico will be live. After review of the latest Compliance Calibrator violation report, we are thinking of a long-term approach for SoD remediation instead of an excel based approach with mitigating controls for most of the violations. The compliance calibrator has not been customized for our business and is being used out-of-the-box so all the risks may not directly apply to our company. So my questions are:
- What are some of the possible approaches for fixing these violations? We have a lot of mitigating controls so more of them is not a solution.
- Is there an SAP best-practices approach for Small and medium sized businesses for Segregation of Duties? If yes, please let me know where I can get that.
- Can we do something with roles design?
Any thoughts?...Your responses are highly appreciated....
Thanks,
Reyhan,
Sr. IT Auditor
__.____._ I am currently trying to work on remediation of certain SoD violations at our company and wanted to know if there are some best practice or tried solutions.
Basically, the company is a medium-sized SAP shop with around 900 SAP users. Currently we have US and Canada on SAP and soon Mexico will be live. After review of the latest Compliance Calibrator violation report, we are thinking of a long-term approach for SoD remediation instead of an excel based approach with mitigating controls for most of the violations. The compliance calibrator has not been customized for our business and is being used out-of-the-box so all the risks may not directly apply to our company. So my questions are:
- What are some of the possible approaches for fixing these violations? We have a lot of mitigating controls so more of them is not a solution.
- Is there an SAP best-practices approach for Small and medium sized businesses for Segregation of Duties? If yes, please let me know where I can get that.
- Can we do something with roles design?
Any thoughts?...Your responses are highly appreciated....
Thanks,
Reyhan,
Sr. IT Auditor
Copyright © 2009 CEB Toolbox, Inc. and message author.
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
Related Content
In the Spotlight
White Papers
In the Spotlight
How Can Predictive Analytics Drive Competitive Advantage? Find out here
View this thread online
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
