whts the differents between SoX ,SoD??????wht kind of work
Sox do as wel .....SoD do?
whts is virsa??????? and VRAT,,,,VFAT,, how it workin
security.
Answers were Sorted based on User's Feedback
Answer / aichik_am
SoX - refer to Sarbanes OXley act in the earlier 2000+-.
Where it impact all US companies either they operated in US
or outside (on other countries). Some people think this act
is significant, after fall down of big companies such as
Enron etc..
SoD - refer to Segregation of Duties. Basically one person
cannot have access to the whole process. The task need to be
segregated so that there is check and balance.
VIRSA - is one of third party tools used to check for SoX
compliance in a company. Other then this, there are also
other product such as APPROVA and SecurInfo. Nowadays VIRSA
have been brougt by SAP, and rebrand it as GRC (Governance,
Risk and Control).
Is This Answer Correct ? | 8 Yes | 0 No |
Answer / ranjeet kumar
Segaration of duty, as a security principle, has as its
primary objective the prevention of fraud and errors. This
objective is achieved by disseminating the tasks and
associated privileges for a specific business process among
multiple users. This principle is demonstrated in the
traditional example of separation of duty found in the
requirement of two signatures on a cheque.With the concept
of SoD, business critical duties can be categorized into
four types of functions: authorization, custody, record
keeping, and reconciliation.
Is This Answer Correct ? | 3 Yes | 0 No |
SOX is nothing but Sarbanes OXley act,is developed by the famous auditors Sarbens and Oxley.They developed this law to control the irregularities in the company.Long ago an American company named Enron cheated the customers and share holders and leads to the crisis in the Nation.Then SOX law came into the picture.
SOD refers to "Segregation Of Duties".SOD designed with the concept of separating any sensitive action among the people.Due to this no one can get the full command over the task, so it helps to minimize the irregularities in the company.
Virsa is a third party tool brought by SAP which is useful in finding the SODs.
/n/virsa/zVRAT is the transaction that helpful in finding the violations in virsa.
/n/virsa/VFAT is the transaction for the assigning or mapping the fire fighter id to the user.
Is This Answer Correct ? | 2 Yes | 1 No |
How many authorizations fit into a profile?
What are identical users in CUA?
what is role designing
why we are using the landscape in sap r/3 ?
What is the Organization level?
how to view the su53 screen for other users?
Can we delete a Role and transport it?Explain How?
Hi, I want to import my Transport request from DEV. to Test system (from STMS buffer of DEV.(domain only) but I don’t want Login/PWD screen while importing from DEV to Test System. But I need login/pwd screen while importing TR from Test to PRD system. Presently I have activated all systems as a non trusted systems. If any one has idea please let me know. Thanks in advance! Regards, Raj Chavan.
What is the difference between Execution and Simulation in grc rar
how we Restrict the auth groups for table maintain, creating Auth group using SE54 to built new Auth groups to restrict tables via auth object S_TABU_DIS
Hi This is Prakash . Can any one tell me what is the use of SU24 and SU25 transaction code exactly
How to hide SAP user menu or Role Menu from end user?