Post Sarbanes Oxley, focus for corporations is more on compliance and secur

what is sox and in sap security?

Question Posted / gopi

2 Answers
25113 Views
IBM, I also Faced
E-Mail Answers

Answer Posted / gopi

Post Sarbanes Oxley, focus for corporations is more on compliance and security. Sarbanes Oxley has had a major impact on the organizations using SAP R/3 as their ERP. Some of the changes seen in the corporate landsacpe include identifying and documenting processes, implementing controls and safeguards, documenting user access approvals etc. In short, there has been a cultural shift in organizations post Sarbanes Oxley. Below, I have listed 7 major pointers which can help organizations towards better SAP security in the Sarbanes Oxley Era.

1. Provide users access on a need to know and need to do basis.
2. Adequately secure programs, transactions and tables.
3. All user accesses to SAP R/3 are properly authorized and approved.
4. Segregation of duties is maintained for all sensitive business transactions
5. All controls and business processes are documented.
6. Anti-fraud preventive controls are in place to prevent & detect fraud before an audit.
7. User profiles and roles in SAP are secured and designed to meet business requirements.

Is This Answer Correct ?

12 Yes

1 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

Can you explain sap system transactions?

695

The user wants to create like a time table in BEX but when the open BEX its showing empty screen . in this situation what will u do.. And How will solve u …What r the steps u will take the to solve the solution..

2015

How we schedule and administering background jobs?

666

how we Restrict the auth groups for table maintain, creating Auth group using SE54 to built new Auth groups to restrict tables via auth object S_TABU_DIS

1709

What is the difference between role and a profile?

745

what are all the questions covered in "profiles related concepts " please let me know ?

1636

Can you explain snc in sap security?

652

How do you check background jobs?

746

Can you explain secure store and forward?

633

how we Set up Central User Administration (CUA) to manage 4 systems/clients

1828

List the various user types.

633

What are the different types of sap security tables?

672

Can you explain protecting public keys?

603

Which transaction should not be given to BASIS and DEV team in Production?

1916

Which tables will you use for making customizing setting for security administration?

713