on 02-16-2011 3:49 PM
Hi ,
Is there any additional risk to give Basis administrators ( who have the SAPALL access) an additional profile which is being the ADMIN of Control M ( Job Scheduler) ?
What's the impact of this on SOX ?
Thanks,
Control M : http://www.scheduler-usage.com/document/Version/640/books/70028.pdf
The BASIS Admin have SAP_ALL, however he does not have the Control of Job Scheduler, in that case providing the addtional authority will result further SoD violations Risk relating to Job maintenance. The SOX compliance will have adverse remark for the said SoD Risks.
Jwalant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If a basis administrator has SAP ALL in production, there is no way you get away with that without a deficiency in the SOX audit as it is.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If your Basis guys have SAP_ALL you already have any kind of risk you can think of, including the one that they just as well could assign the additional profile themselfes, or just run the jobs under a different users permissions.
Your authorization concept needs a serious overhaul if this is how you work...
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.