- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-02-2007 5:32 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-02-2007 7:53 PM
hai
this is ajay SOD is nothing but segregation of duties.in this you are unable to do all the works means (creating user master, creating roles, profiles).
In SOD these are divided 1. user administrator
2.data administrator
3.profile administrator
user admin-- he will create user (he can change and he can create user maser record. but he will get roles and profiles in display mode.
Data admin--- he can create and change roles but he will get users and profiles in display mode.
Profile admin--he will generate profiles but he cant do any thing for users and roles.
Like this the duties are divided.
I think this is the right answer for your question or if you want more go to authorizations made easy
Regards
AJAY KUMAR
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-02-2007 5:48 PM
SOD Segregation of duties.
Separation of the management or execution of certain duties or of areas of responsibility is required in order to prevent and reduce opportunities for unauthorised modification or misuse of data or service.
past threads on this topic
http://easymarketplace.de/online-pdfs.php
http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCCSTADM/BCCSTSAL.pdf
http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCSECAUDLOG/BCSECSAL.pdf
http://sapecc.com/sox_sod/sod_matrix.htm
<a href="http://sapecc.com/sox_sod/sod_matrix.htm">http://sapecc.com/sox_sod/sod_matrix.htm</a>
http://www.sapsecurityonline.com/sox_sod/sod_matrix_fi.htm
http://www.auditnet.org/sapaudit.htm
http://help.sap.com/saphelp_erp2005vp/helpdata/en/3f/857e41564c020de10000000a1550b0/frameset.htm
http://www.law.uc.edu/CCL/SOact/toc.html
http://www.auditnet.org/sarbox.htm
http://www.isaca-kc.org/doc/Segregation%20of%20Duties.pdf
Cheers,
Ben
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-02-2007 7:53 PM
hai
this is ajay SOD is nothing but segregation of duties.in this you are unable to do all the works means (creating user master, creating roles, profiles).
In SOD these are divided 1. user administrator
2.data administrator
3.profile administrator
user admin-- he will create user (he can change and he can create user maser record. but he will get roles and profiles in display mode.
Data admin--- he can create and change roles but he will get users and profiles in display mode.
Profile admin--he will generate profiles but he cant do any thing for users and roles.
Like this the duties are divided.
I think this is the right answer for your question or if you want more go to authorizations made easy
Regards
AJAY KUMAR
- SAP Managed Tags:
- Security
