cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Segregation of Duties .

Former Member

on ‎02-16-2011 3:49 PM

0 Kudos

Hi ,

Is there any additional risk to give Basis administrators ( who have the SAPALL access) an additional profile which is being the ADMIN of Control M ( Job Scheduler) ?

What's the impact of this on SOX ?

Thanks,

Control M : http://www.scheduler-usage.com/document/Version/640/books/70028.pdf

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

jwalant_prafuldalal
Explorer
‎02-17-2011 11:32 AM
0 Kudos

The BASIS Admin have SAP_ALL, however he does not have the Control of Job Scheduler, in that case providing the addtional authority will result further SoD violations Risk relating to Job maintenance. The SOX compliance will have adverse remark for the said SoD Risks.

Jwalant

Show replies
Show replies
Former Member
‎02-16-2011 3:51 PM
0 Kudos

If a basis administrator has SAP ALL in production, there is no way you get away with that without a deficiency in the SOX audit as it is.

Show replies
Show replies
Former Member
‎02-16-2011 4:09 PM
0 Kudos

Well, the BASIS Users do have SAP ALL already , but it's monitored through specific users.

The problem is adding them the Control M admin profile .

I don't know if giving them the admin Access increases the risk , or add another type of risk !

koehntopp
Product and Topic Expert
Product and Topic Expert
‎02-17-2011 8:28 AM
0 Kudos

If your Basis guys have SAP_ALL you already have any kind of risk you can think of, including the one that they just as well could assign the additional profile themselfes, or just run the jobs under a different users permissions.

Your authorization concept needs a serious overhaul if this is how you work...

Frank.

Ask a Question