Can anybody explain (short and simple) SOX and SoDs, with 3
examples for each functional module? And your experience with SoDs.
Answer Posted / sakthi
SOD stands for segregation of duties.
It helps us to identify fraud and misstatements.
For example, in the Virsa tool we have the critical SOD conflict S017
for the SD module, where it identifies and checks for users who
could perform the credit approval function and modify cash
received for fraudulent purposes.
SOD conflict F017 for the FICO module, where it checks for users
who could maintain a non-bona-fide bank account and divert
incoming payments to it.
SOD conflict P001 for the PP module, where it checks for users
who could maintain a fictitious vendor and enter a vendor
invoice for automatic payment.
As far as my experience is concerned, we need to avoid critical SOD
conflicts as much as possible, and these SOD conflicts are
the ones which the auditor checks, and they ask for the
mitigation control that we have outside, like trace.
Is This Answer Correct ? | 3 Yes | 0 No |
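The three conflicts named in the answer above can be expressed as a small rule set and checked against role assignments. This is an added example, not part of the original answer and not the Virsa tool's own rule format; the risk IDs and their descriptions come from the answer, while the function keys, role names, users and the mitigation control ID are constructed for illustration.

```python
# Added example: a minimal SoD check. Risk IDs and their meaning are taken from
# the answer above; function keys, roles, users and control IDs are constructed.
RULES = {  # risk ID -> (module, functions that must not be held together)
    "S017": ("SD", {"credit_approval", "modify_cash_received"}),
    "F017": ("FICO", {"maintain_bank_account", "post_incoming_payment"}),
    "P001": ("PP", {"maintain_vendor", "enter_vendor_invoice"}),
}
ROLE_FUNCTIONS = {  # constructed role -> business functions it grants
    "SD_CREDIT_MGR": {"credit_approval"},
    "AR_CASH_CLERK": {"modify_cash_received", "post_incoming_payment"},
    "AP_VENDOR_MASTER": {"maintain_vendor"},
    "AP_INVOICE_CLERK": {"enter_vendor_invoice"},
}
USER_ROLES = {  # constructed user -> assigned roles
    "asmith": ["SD_CREDIT_MGR", "AR_CASH_CLERK"],
    "bkumar": ["AP_VENDOR_MASTER", "AP_INVOICE_CLERK"],
    "clee": ["AR_CASH_CLERK"],
}
MITIGATIONS = {("bkumar", "P001"): "MC-001"}  # constructed (user, risk) -> control


def find_conflicts(user_roles, role_functions, rules, mitigations):
    """Return one finding per user and risk whose functions the user holds in full."""
    findings = []
    for user, roles in sorted(user_roles.items()):
        # A conflict can span several roles, so union the functions first.
        held = set().union(*(role_functions.get(r, set()) for r in roles))
        for risk, (module, functions) in sorted(rules.items()):
            if not functions <= held:
                continue
            # Record which role grants each conflicting function (what to remove).
            sources = {f: sorted(r for r in roles if f in role_functions.get(r, set()))
                       for f in sorted(functions)}
            findings.append({"user": user, "risk": risk, "module": module,
                             "sources": sources,
                             "mitigation": mitigations.get((user, risk))})
    return findings


if __name__ == "__main__":
    for f in find_conflicts(USER_ROLES, ROLE_FUNCTIONS, RULES, MITIGATIONS):
        status = f["mitigation"] or "UNMITIGATED"
        print(f["user"], f["risk"], f["module"], f["sources"], status)
```

Neither of asmith's roles is a conflict on its own; the S017 finding appears only once the two are combined, which is why the check runs per user rather than per role.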