Can anybody explain (short n simple) about SOX & SoDs with 3 examples for

Can anybody explain (short n simple) about SOX & SoDs with 3
examples for each functional module? n ur experience on SoDs.

Question Posted / prasad

2 Answers
10282 Views
IBM, I also Faced
E-Mail Answers

Answers were Sorted based on User's Feedback

Can anybody explain (short n simple) about SOX & SoDs with 3 examples for each functional modu..

Answer / parixit

SoX is serbian & Oxley, it is an ACT in US, this ACT should
be liable for buisness.

SoD is Segeration of Duties, Division of power in different
position. it gives power as per the designation.

Is This Answer Correct ?

5 Yes

1 No

Can anybody explain (short n simple) about SOX & SoDs with 3 examples for each functional modu..

Answer / sakthi

SOD stands for Segregation of duties.

It helps us to identify frauds and Misstatements.

For example in virsa tool we have critical SOD conflict S017
for SD module where it identifies and checks for user who
could Perform credit approval function and modify cash
received for fraudulent purposes.

SOD conflict F017 for FICO module where it checks for users
who could Maintain a non bona-fide bank account and divert
incoming payments to it.

SOD conflict P001 for PP module where it checks for users
who could Maintain a fictitious vendor and enter a Vendor
invoice for automatic payment

As far my experience concerned we need to avoid critical SOD
conflicts as much as possible and these SOD conflicts are
the ones which the auditor checks and they ask for the
mitigation control that we have outside like trace.

Is This Answer Correct ?

3 Yes

0 No

Post New Answer

More SAP Security Interview Questions

What does the pfcg_time_dependency clean up?

0 Answers

What are the critical tables in BI Security

1 Answers IBM, L&T,

a user is asking for a t-code to assign ? hou do u assign the t-code ?

5 Answers IBM,

What is Business Process? Explain about the Business Process Procure to Pay?

1 Answers Accenture,

SU25 Step6 How Roles are created through Profiles?

2 Answers IBM,

how to do Restricting nodes and Hierarchies through characteristic values and authorization objects

0 Answers IBM,

How would you do the 'lock all users at once'.

1 Answers

1. what is the difference b/w change authorization mode and expert mode. 2.when we do the user comparison in pfcg what is the difference in complete comparison and expert mode comparison. 3. what are the critical auth objects in security point of you , 4.when we do the transportation of composite role what will happened . 5.while doing the kernel upgrade we download the executable s one by one are all together. 6. while applying the patches what is the importance of test import why we do test import

2 Answers IBM,

How can find out wheather CUA(Central User Administration) is configured on your sap system?

3 Answers SAIC,

Q6) When do you get a screen for " maintaining the authorization values for org elements " in PFCG ??? (i.e..screen you get thru PFCG --> AUTHORIZATION tab --> CHANGE AUTHORIZATION DATA --> SCREEN FOR MAINTAINING ORG ELEMENT VALUES )

3 Answers HP,

How to assign more than 312 profiles to any user?? As 312 profiles are limited to assign in any user account.

2 Answers Bosch, Infosys,

Can you explain secure store and forward?

0 Answers

For more SAP Security Interview Questions Click Here