what is sox and in sap security?
Answers were Sorted based on User's Feedback
Answer / gopi
Post Sarbanes Oxley, focus for corporations is more on compliance and security. Sarbanes Oxley has had a major impact on the organizations using SAP R/3 as their ERP. Some of the changes seen in the corporate landsacpe include identifying and documenting processes, implementing controls and safeguards, documenting user access approvals etc. In short, there has been a cultural shift in organizations post Sarbanes Oxley. Below, I have listed 7 major pointers which can help organizations towards better SAP security in the Sarbanes Oxley Era.
1. Provide users access on a need to know and need to do basis.
2. Adequately secure programs, transactions and tables.
3. All user accesses to SAP R/3 are properly authorized and approved.
4. Segregation of duties is maintained for all sensitive business transactions
5. All controls and business processes are documented.
6. Anti-fraud preventive controls are in place to prevent & detect fraud before an audit.
7. User profiles and roles in SAP are secured and designed to meet business requirements.
Is This Answer Correct ? | 12 Yes | 1 No |
Answer / praveen
Sarbanes Oxley, focus for corporations is more on compliance and security. Sarbanes Oxley has had a major impact on the organizations using SAP R/3 as their ERP. Some of the changes seen in the corporate landsacpe include identifying and documenting processes, implementing controls and safeguards, documenting user access approvals etc. In short, there has been a cultural shift in organizations post Sarbanes Oxley. Below, I have listed 7 major pointers which can help organizations towards better SAP security in the Sarbanes Oxley Era.
Is This Answer Correct ? | 6 Yes | 1 No |
Is there a table for authorizations where I can quickly see the values entered in a group of fields?
What authorization are required to create and maintain user master records?
How can you find all t-codes which are locked in the system ?
what is the length of user buffer
I have a custom tables, for which I created auth group, which contains another 2 tables. Now I have assigned this table to user, but still he cannot access the table. What's the reason? User buffer is fine and not exceeded.
Mwhat is the maximum number of profiles in a role and maximum number of object in a role?
1.why we use derived role in sap security?2.what is the technical difference between master and derived role?
Hi, Can any one tell me the authorization objects for SOD
what is sap security?
How to transport a T-code into Production?
What is use of System Task Tab on menubar in PFCG ?
How to check to which web links user has access ? bcoz its not there any option in SUIM for this search and we add web links/reports while creating role. So how to check that ?