whts the differents between SoX ,SoD??????wht kind of work
Sox do as wel .....SoD do?
whts is virsa??????? and VRAT,,,,VFAT,, how it workin
security.
Answers were Sorted based on User's Feedback
Answer / aichik_am
SoX - refer to Sarbanes OXley act in the earlier 2000+-.
Where it impact all US companies either they operated in US
or outside (on other countries). Some people think this act
is significant, after fall down of big companies such as
Enron etc..
SoD - refer to Segregation of Duties. Basically one person
cannot have access to the whole process. The task need to be
segregated so that there is check and balance.
VIRSA - is one of third party tools used to check for SoX
compliance in a company. Other then this, there are also
other product such as APPROVA and SecurInfo. Nowadays VIRSA
have been brougt by SAP, and rebrand it as GRC (Governance,
Risk and Control).
Is This Answer Correct ? | 8 Yes | 0 No |
Answer / ranjeet kumar
Segaration of duty, as a security principle, has as its
primary objective the prevention of fraud and errors. This
objective is achieved by disseminating the tasks and
associated privileges for a specific business process among
multiple users. This principle is demonstrated in the
traditional example of separation of duty found in the
requirement of two signatures on a cheque.With the concept
of SoD, business critical duties can be categorized into
four types of functions: authorization, custody, record
keeping, and reconciliation.
Is This Answer Correct ? | 3 Yes | 0 No |
SOX is nothing but Sarbanes OXley act,is developed by the famous auditors Sarbens and Oxley.They developed this law to control the irregularities in the company.Long ago an American company named Enron cheated the customers and share holders and leads to the crisis in the Nation.Then SOX law came into the picture.
SOD refers to "Segregation Of Duties".SOD designed with the concept of separating any sensitive action among the people.Due to this no one can get the full command over the task, so it helps to minimize the irregularities in the company.
Virsa is a third party tool brought by SAP which is useful in finding the SODs.
/n/virsa/zVRAT is the transaction that helpful in finding the violations in virsa.
/n/virsa/VFAT is the transaction for the assigning or mapping the fire fighter id to the user.
Is This Answer Correct ? | 2 Yes | 1 No |
How to run secatt in foreground?
How will remove all expired role assignments to number of users ?
if user enters a tcode how the system knows what action should be done ?
3 Answers Deloitte, Pranav Systtech,
How I can reset the DDIC user's password? I have changed it from the delivered default?
How we schedule and administering background jobs?
How can you find all t-codes which are locked in the system ?
Using which table transaction code text can be displayed?
what is the use of s_tabu_nam,s_tabu_dis,s_tabu_cli
What is the different between single role & composite role?
. Is it possible to have a request type by which we can change the validity period of a user? If possible, then what are the actions?
When would you update a sap table directly? What precautions would you taje?
In which table you can see authorization group for table and which table to see authorization group for program?