1. Categories >> Software >> ERP CRM >> SAP >> SAP Security
  2. Suggest New Category

Can anybody explain (short n simple) about SOX & SoDs with 3
examples for each functional module? n ur experience on SoDs.

Question Posted / sakthi

Answer Posted / sakthi

SOD stands for Segregation of duties.

It helps us to identify frauds and Misstatements.

For example in virsa tool we have critical SOD conflict S017
for SD module where it identifies and checks for user who
could Perform credit approval function and modify cash
received for fraudulent purposes.

SOD conflict F017 for FICO module where it checks for users
who could Maintain a non bona-fide bank account and divert
incoming payments to it.

SOD conflict P001 for PP module where it checks for users
who could Maintain a fictitious vendor and enter a Vendor
invoice for automatic payment

As far my experience concerned we need to avoid critical SOD
conflicts as much as possible and these SOD conflicts are
the ones which the auditor checks and they ask for the
mitigation control that we have outside like trace.

Is This Answer Correct ?    3 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

Tell me about derived role?

639

What is the main purpose of parameters, groups & personalization tabs?

661

What is the difference between role and a profile?

751

what are the pre-requisites that should be taken before assigning sap_all to a user even there is an approval from authorization controllers?

667

How to update risk id in rule set?

685




Please also send me details about CRM 5 and CRM 7 security issues and scenarios.

2225

Hi Experts, can any one let me know the Tables which we use for compliance calibrator & Access enforcer of grc and please let me know the background jobs of grc, Please it's urgent so please answer as soon as possible to these questions , I really appreciate your help, Thanks karunakar

1804

What is the use of Personalization tab in SU01?

5026

What are pfud t-codes used for?

707

What are se10 t-codes used for?

715

how we Restrict the auth groups for table maintain, creating Auth group using SE54 to built new Auth groups to restrict tables via auth object S_TABU_DIS

1715

You wan to transport user groups from transaction sugr? Would this impact the groups tab in su01? What would you do?

750

What are some ap security t codes?

678

when performing client copies what steps you need to take from CUA point of view?

2126

Giving fire call access and extending fire call access by using VIRSA’s VFAT tool? can u brief give the explanation

3767