what is sox and in sap security?
Answers were Sorted based on User's Feedback
Answer / gopi
Post Sarbanes Oxley, focus for corporations is more on compliance and security. Sarbanes Oxley has had a major impact on the organizations using SAP R/3 as their ERP. Some of the changes seen in the corporate landsacpe include identifying and documenting processes, implementing controls and safeguards, documenting user access approvals etc. In short, there has been a cultural shift in organizations post Sarbanes Oxley. Below, I have listed 7 major pointers which can help organizations towards better SAP security in the Sarbanes Oxley Era.
1. Provide users access on a need to know and need to do basis.
2. Adequately secure programs, transactions and tables.
3. All user accesses to SAP R/3 are properly authorized and approved.
4. Segregation of duties is maintained for all sensitive business transactions
5. All controls and business processes are documented.
6. Anti-fraud preventive controls are in place to prevent & detect fraud before an audit.
7. User profiles and roles in SAP are secured and designed to meet business requirements.
Is This Answer Correct ? | 12 Yes | 1 No |
Answer / praveen
Sarbanes Oxley, focus for corporations is more on compliance and security. Sarbanes Oxley has had a major impact on the organizations using SAP R/3 as their ERP. Some of the changes seen in the corporate landsacpe include identifying and documenting processes, implementing controls and safeguards, documenting user access approvals etc. In short, there has been a cultural shift in organizations post Sarbanes Oxley. Below, I have listed 7 major pointers which can help organizations towards better SAP security in the Sarbanes Oxley Era.
Is This Answer Correct ? | 6 Yes | 1 No |
how do you go about system meaurement?
Can you explain protecting public keys?
what is the use of defaults tab in start menu
how to create new authorization object?
what is the procedure for deleting a role?
Can any one tell me briefly , what is the roles and responsibilities of SAP BASIS Security Administrator..
What does the account assessment category specify in a purchasing document in SAP Materials Management?
Please let me know if there any vacancies for 3 years of Experienced level in SAP Security
Does anyone know what kind of questions does the Accenture asks on Interview as SAP Security Consultant?
different b/w Direct assigment and indirect role in bi security whn will go direct assignment
difference between logon tab and group tab in su10
If I just want to give any user authorization to create role but not to copy from any role so how can I do this ?