Re: [sap-security] GRC issue regarding VA01 and 02 access conflicting with VL06

Posted by Admin at

Share this post:

0 Comments

Posted by naveen.murthy.sk
on Jun 30 at 9:52 PM

Mark as helpful

Hi

I would say the following to be checked.

1. If the risk is appearing in a display only role - then i believe you are
running the GRC report on a Action level , where as u should be running the
report on permission level, i am taking in the fact that you have configured
the GRC rule set with some auth objects for the sales & delivery Tcodes.

Let me know if this works.

Regards
Naveen

On Thu, Jul 1, 2010 at 1:32 AM, WVU_SAP_Security via sap-security <
sap-security@groups.ittoolbox.com> wrote:

> Posted by WVU_SAP_Security
> on Jun 30 at 1:30 PM Hi
> Lucas,
>
> What did you end up doing to remediate this risk. I am running across the
> same problems and I know its because of the sharing of objects and values,
> but I was wondering if you updated your ruleset, or what?
>
> ---------------Original Message---------------
> From: Lucas
> Sent: Thursday, June 03, 2010 12:52 PM
> Subject: GRC issue regarding VA01 and 02 access conflicting with VL06
>
> > Hi All,
> > I am in a situation where we have a inventory display role that contains
> transactions VL06,VL06F,VL06G, VL06L,
> > VL06O,VL06P,VL10B,VL10G,VL10H. We have a request for a user to have
> transactions VA01 and VA02.
> > While simulating the addition of the sales order access we are getting 18
> high risk SOD violations
> > Cover up unauthorized shipment by creating a fictitious sales documents
> > I'm having a very difficult understanding how a display only role with
> all activities set to 03 would conflict with the sales order maintenance
> role.
> > Any suggestions on what I am missing would be greatly appreciated.

__.____._

Related Content

White Papers

GRC Strategies – Finding the Right Balance of Business and IT

Governance, Risk and Compliance - Realizing the Value

More White Papers...

In the Spotlight

Earn Recognition for Your Contributions at Toolbox for IT. Gain Points for Community Achievements

View this thread online
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion

_.____.__

SAP Library - Find your answers

Grab this WidgetYou can show more than 5 recent posts using this simple blogger widget by Nitesh KOthari at Wolverine Hakcs.

Click on more Feeds rss Most Popular

More ?This is SAP books Best Buy section. Click on the pics below to check more on the best SAP books.

Click on more to know more about such productsSAP Chat Room

More ?These are the Recommended products from SAP OSS Notes Team

Click on more to see more such downloadsRecommended