Answer / aichik_am

SoX - refer to Sarbanes OXley act in the earlier 2000+-.
Where it impact all US companies either they operated in US
or outside (on other countries). Some people think this act
is significant, after fall down of big companies such as
Enron etc..

SoD - refer to Segregation of Duties. Basically one person
cannot have access to the whole process. The task need to be
segregated so that there is check and balance.

VIRSA - is one of third party tools used to check for SoX
compliance in a company. Other then this, there are also
other product such as APPROVA and SecurInfo. Nowadays VIRSA
have been brougt by SAP, and rebrand it as GRC (Governance,
Risk and Control).

Answer / ranjeet kumar

Segaration of duty, as a security principle, has as its
primary objective the prevention of fraud and errors. This
objective is achieved by disseminating the tasks and
associated privileges for a specific business process among
multiple users. This principle is demonstrated in the
traditional example of separation of duty found in the
requirement of two signatures on a cheque.With the concept
of SoD, business critical duties can be categorized into
four types of functions: authorization, custody, record
keeping, and reconciliation.

Answer / sundar

SOX is nothing but Sarbanes OXley act,is developed by the famous auditors Sarbens and Oxley.They developed this law to control the irregularities in the company.Long ago an American company named Enron cheated the customers and share holders and leads to the crisis in the Nation.Then SOX law came into the picture.
SOD refers to "Segregation Of Duties".SOD designed with the concept of separating any sensitive action among the people.Due to this no one can get the full command over the task, so it helps to minimize the irregularities in the company.
Virsa is a third party tool brought by SAP which is useful in finding the SODs.
/n/virsa/zVRAT is the transaction that helpful in finding the violations in virsa.
/n/virsa/VFAT is the transaction for the assigning or mapping the fire fighter id to the user.

HI FRIENDS, Can anybody tell me which is best institute in Hyderabad or bangalore for SAP GRC COURSE.How much duration and cost? Regards, sandy...@

6 Answers  

---

what is your ticketing tool? can we give some details about how we are getting tickets

0 Answers   CTS,

---

DOES ANYONE KNOW WHAT TYPES OF SECURITY QUESTIONS ACCENTURE ASKED IN USA....URGENT PLEASE

0 Answers   Accenture, HCL, IBM,

---

What is the use of tmssup* rfc destinations?

0 Answers  

---

Users are lockdown from past 3 -4 months. Which table is used to know that which users are lockdown?

3 Answers   IBM,

---

what is sap security?

1 Answers  

---

How can we maintain Organizational values? How can we create Organizational values? What is the purpose of these Org. values?

2 Answers   Satyam,

---

1)What does the Profile Generator do? 2)What is the main purpose of Parameters, Groups & Personalization tabs 3)in SU01? purpose of Miniapps in PFCG? 4)What happens to change documents when they are transported to the production system? 5)what are the issues you faced with UME? 6)what is the Ticketing tool that you are using in your organisation?and explain? 7)what do you know abt LSMW? 8)Difference b/w su22 and su24 ? 9)what is the landscape of GRC? 10)What is the difference between Template role & Derive role?

4 Answers   TCS,

---

what is the difference in grc background jobs

0 Answers  

---

Can wildcards be used in authorizations?

0 Answers  

---

what is the process to find that one consultant had removed a table from sap tables

0 Answers  

---

How we Educated client personnel in R/3 Security and general Basis knowledge

0 Answers   IBM,

---