Can anybody explain (short n simple) about SOX & SoDs with 3 examples for

Can anybody explain (short n simple) about SOX & SoDs with 3
examples for each functional module? n ur experience on SoDs.

Question Posted / prasad

2 Answers
11770 Views
IBM, I also Faced
E-Mail Answers

Answers were Sorted based on User's Feedback

Can anybody explain (short n simple) about SOX & SoDs with 3 examples for each functional modu..

Answer / parixit

SoX is serbian & Oxley, it is an ACT in US, this ACT should
be liable for buisness.

SoD is Segeration of Duties, Division of power in different
position. it gives power as per the designation.

Is This Answer Correct ?

5 Yes

1 No

Can anybody explain (short n simple) about SOX & SoDs with 3 examples for each functional modu..

Answer / sakthi

SOD stands for Segregation of duties.

It helps us to identify frauds and Misstatements.

For example in virsa tool we have critical SOD conflict S017
for SD module where it identifies and checks for user who
could Perform credit approval function and modify cash
received for fraudulent purposes.

SOD conflict F017 for FICO module where it checks for users
who could Maintain a non bona-fide bank account and divert
incoming payments to it.

SOD conflict P001 for PP module where it checks for users
who could Maintain a fictitious vendor and enter a Vendor
invoice for automatic payment

As far my experience concerned we need to avoid critical SOD
conflicts as much as possible and these SOD conflicts are
the ones which the auditor checks and they ask for the
mitigation control that we have outside like trace.

Is This Answer Correct ?

3 Yes

0 No

Post New Answer

More SAP Security Interview Questions

What is the parameter in security audit log (sm19) that decides the number of filters?

1 Answers

How would you do the 'lock all users at once'.

1 Answers

how to do Reporting and Analysis authorizations

0 Answers IBM,

What's the basic difference in between SU22 & SU24?

3 Answers

You want to configure the local and global setting of cua. Where would you do that? What would happen if you have inconsistent settings?

0 Answers

hi..guys... can u tell me? what is the solution manager.. and what is the use? which type of commands we should follow?

2 Answers IBM,

1) Explain me about your SAP Career? 2) Tell me your daily monitoring jobs and most of them you worked on? 3) which version of SAP are you working on? Is it a java stack or abap stack? 4) Tell me about derived role? 5) what is the main difference between single role and a derived role 6) Does s_tabu_dis org level values in a master role gets reflected in the child role?? 7) Tell me the steps to configure CUA? 8) Is RAR a java stack or Abap Stack? 9) What is the report which states the critical T-codes? and also What is the T-code? 10) What is the T-code to get into RAR from R/3? 11) Explain about SPM?

2 Answers TCS,

how you can delete multiple roles from qa, dev and production system?

0 Answers

What is the use of role templates?

1 Answers

why do create Firefighters and ffids service type user?

1 Answers TCS,

Is it possible to have more than one st of org-level values in one role? Explain your answer.

0 Answers

How to create users?

0 Answers

For more SAP Security Interview Questions Click Here