Hai Sudhanshu,

First I want you to specify a particular Application (Occupation) for which you need controls.

SAP provides a lot of Application controls and general controls to prevent, detect and also correct the occupational frauds, that is one of the reason why it is No. 1 in ERP.

Mainly the SPA provides transaction log from which all the tasks performed can be traced out.

Ok, restricitng myself to your examples,

<b>

1</b> Misappropriation of assets - In SAP once the Asset is created it cannot be deleted as it is without proper aythorizations and same way depreciation calculations are also made on the basis of depreciation rules, -

This prevents from misappropriation of Assets either by unauthorised disposal or by writing it off fully.

<b>2</b> Fake invoicing - In SAP while customizing we have the options to make the settings in order to avoid the duplicate invoice entries -

This prevents from having the double payment to the customers.

<b>3</b> When you say frauds in payroll dept - what type of frauds ?

The application controls differs from application to application.

This is all what I can inform you,

Bye.

<b></b>

Beyond handling SoD risks (that are managed by GRC Access Control) you may want to consider GRC Process Control that ensures process compliance across the enterprise. For details please have a look at http://www.sap.com/solutions/grc/grcprocesscontrol/index.epx.

SOD(Segregation od Duties) is a way of preventing occupational Fraud .

Firstly the Fraud should be known , as in the risk should be calculated.

Then mitigating controls should be put in place .

We need to make sure that whenever any access is granted to an individual that we know what is the risk involved with that and try to put corresponding controls in place for the same