SAP Risk can be monitored and restricted by software application tools which are obtainable from several vendors. The majority of the SAP Software tools have the following common functionality and the major purpose is to control the SAP risk before being introduced into the system.I:0:J
Here the tool effectively looks for transaction federation which can produce segregation of duties or have access to sensitive transactions. This examination is regularly done at the role stage or at the user stage. Once the risk is identified the role can be fixed to clear the sap risk or can apply a mitigating control to be aware of the risk with various conditions.
The mitigating control principally means that the clients consent to the risk and they have designed a process to monitor the risk repeatedly. This monitoring sketch could be automated or manual. This tool will support the internal auditor to monitor the SAP risk and can also take steps as a preventive control. From the SAP security developers standpoint the tool can help the SAP Audit compliance administer verify for SAP risk in the role or user before he makes the change.
Most of clients want to give elevated access to users in production system when the user is trouble shooting specific issue. So by giving them excess access means that the user can have unrestricted access to the system. This means the user could have transaction which will let him do some damage or fraud. So managers want to track what the user is doing in the system during the elevated access. So software tools which are available in the market can track the users' access and send an email once they complete their task. Thus the elevated access is provided for limited amount of time and monitored.
One the major area where risk can be introduced easily is when the user is created. The system administrator can give admission to user without authorization or fat finger a sap access into the user master. In both cases it could be a SAP risk to the company. So most of the tools have features which addresses the user approval process and taking away the manual step of creating the user. One of the ways they handle this is by having a workflow which can be routed to the appropriate people for approval before the user is provisioned in the SAP System.
Here the tool effectively looks for transaction federation which can produce segregation of duties or have access to sensitive transactions. This examination is regularly done at the role stage or at the user stage. Once the risk is identified the role can be fixed to clear the sap risk or can apply a mitigating control to be aware of the risk with various conditions.
The mitigating control principally means that the clients consent to the risk and they have designed a process to monitor the risk repeatedly. This monitoring sketch could be automated or manual. This tool will support the internal auditor to monitor the SAP risk and can also take steps as a preventive control. From the SAP security developers standpoint the tool can help the SAP Audit compliance administer verify for SAP risk in the role or user before he makes the change.
Most of clients want to give elevated access to users in production system when the user is trouble shooting specific issue. So by giving them excess access means that the user can have unrestricted access to the system. This means the user could have transaction which will let him do some damage or fraud. So managers want to track what the user is doing in the system during the elevated access. So software tools which are available in the market can track the users' access and send an email once they complete their task. Thus the elevated access is provided for limited amount of time and monitored.
One the major area where risk can be introduced easily is when the user is created. The system administrator can give admission to user without authorization or fat finger a sap access into the user master. In both cases it could be a SAP risk to the company. So most of the tools have features which addresses the user approval process and taking away the manual step of creating the user. One of the ways they handle this is by having a workflow which can be routed to the appropriate people for approval before the user is provisioned in the SAP System.
About the Author:
Learn more about Sap Audit Compliance Solution. Stop by SAP Audit Compliance site where you can find out all about Sap Audit and what it can do for you.
No comments:
Post a Comment