We have added search box. Key in SAP issue keyword to search
TopBottom

Announcement: wanna exchange links? contact me at sapchatroom@gmail.com.

RE:[sap-security] SAP SOD AUDIT REMEDIATION

Posted by Admin at
Share this post:
Ma.gnolia DiggIt! Del.icio.us Yahoo Furl Technorati Reddit

Posted by Richard Cunnings
on Apr 24 at 7:20 PM
Mark this reply as helpfulMark as helpful
Hi Guys

A big thanks to Donn,Alex,Lee, bpoulos,& Chris , i really appreciate excellent input .

This is how the Audit was run by Deloitte they basically had a test user per Composite role, so our report has SOD's for each Composite,unfortunately they can not run it via a combination of Composite roles as this is some thing their tool can not do:-)

What would you guys advise regarding this matter? We need to know the risks via a combination of Composites as we do assign more than 1 Composite to some users.

Once again thanks Guys.
Richard











---------------Original Message---------------
From: Richard Cunnings
Sent: Friday, April 23, 2010 10:38 AM
Subject: SAP SOD AUDIT REMEDIATION

> Hi Guys
>
> We have just been audited by Deloitte via their EQsmart tool, we now have a spreadsheet with all the conflicts down to detailed level & T code, this spreadsheet needs to go out to the business but here are the problems;
>
> 1. Internal Auditors do not have much SAP Knowledge, what should we do?
> 2. How do we make the spreadsheet more comprehensible to the Business what do they just need to see?
> 3. Also the business & Internal Audit will find it difficult to label risks e.g. Low, High,, & Critical, any ideas ?
> 4. How should we record the role changes that wil be made via remediation?
>
> Cheers
> Richard C
__.____._
Copyright © 2010 Toolbox.com and message author.

Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251

0 comments:

Post a Comment

T r a n s l a t e to your language