Post Sarbanes Oxley, focus for corporations is more on compliance and secur

what is sox and in sap security?

Question Posted / gopi

2 Answers
25105 Views
IBM, I also Faced
E-Mail Answers

Answer Posted / gopi

Post Sarbanes Oxley, focus for corporations is more on compliance and security. Sarbanes Oxley has had a major impact on the organizations using SAP R/3 as their ERP. Some of the changes seen in the corporate landsacpe include identifying and documenting processes, implementing controls and safeguards, documenting user access approvals etc. In short, there has been a cultural shift in organizations post Sarbanes Oxley. Below, I have listed 7 major pointers which can help organizations towards better SAP security in the Sarbanes Oxley Era.

1. Provide users access on a need to know and need to do basis.
2. Adequately secure programs, transactions and tables.
3. All user accesses to SAP R/3 are properly authorized and approved.
4. Segregation of duties is maintained for all sensitive business transactions
5. All controls and business processes are documented.
6. Anti-fraud preventive controls are in place to prevent & detect fraud before an audit.
7. User profiles and roles in SAP are secured and designed to meet business requirements.

Is This Answer Correct ?

12 Yes

1 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

what is the difference between usobt_c and usobx_c?

777

Giving fire call access and extending fire call access by using VIRSA’s VFAT tool? can u brief give the explanation

3750

What is the difference between authorization object and authorization object class?

650

What is the use of su56?

697

How to find ECC system, GRC system and BI system ?

791

What does the account assessment category specify in a purchasing order in SAP Materials Management?

1009

Giving fire call access and extending fire call access by using VIRSA’s VFAT tool.can any one brief this

3243

what is use of copy data in derived role and when we use this one ???

1332

How can sap security be improved?

686

Which tables will you use for making customizing setting for security administration?

711

User is not there in User master record. Then how to trace the user?

984

What is a composite role?

817

Please also send me details about CRM 5 and CRM 7 security issues and scenarios.

2223

What are se09 t-codes used for?

699

Differentiate between derived role and composite role

661