RE:[sap-security] SAP Segregation of Duties for Small Companies
Posted by
Admin at
|
Share this post:
|
|
0 Comments
 | Posted by m14545 (Auditor) on Sep 1 at 4:01 PM |  Mark as helpful |
Two more remarks from my side.
1. Financial auditors (SOx) always ask for two things regarding users' privileges in systems:
- segregation of duties;
- access to sensitive transactions (such as opening/closing accounting periods).
2. PM is definitely right. Define and test your SoD rules as precisely as possible (field values) in order to minimize the number of false positives (i.e. conflicts to solve).
3. Before solving any conflicts, first perform a review of users' profiles/roles and revoke those which are not used - this will definitely limit the number of conflicts to solve (i.e. problems).
M.
__.____._ 1. Financial auditors (SOx) always ask for two things regarding users' privileges in systems:
- segregation of duties;
- access to sensitive transactions (such as opening/closing accounting periods).
2. PM is definitely right. Define and test your SoD rules as precisely as possible (field values) in order to minimize the number of false positives (i.e. conflicts to solve).
3. Before solving any conflicts, first perform a review of users' profiles/roles and revoke those which are not used - this will definitely limit the number of conflicts to solve (i.e. problems).
M.
Copyright © 2009 CEB Toolbox, Inc. and message author.
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
Related Content
In the Spotlight
White Papers
In the Spotlight
SAP Enterprise Software: flexible, best-of-breed business apps View Vendor Profile
View this thread online
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
