SIM105 Life After SOX - Tips to Simplify Management of SAP Security and Compliance
When a business fails an audit on Segregation of Duties (SOD) compliance in their SAP environments, everyone in that entity is impacted. By then, it will not matter how you got there but what can be done to fix it. There are many leading practices that can be put into place to help simplify management of SOD compliance in your SAP environments. The following topics cover some key practices that will help make life after SOX easier for any business: Documentation of your SAP security processes and procedures: Why (and what) is important? Naming conventions – How does this help? Role design and development – doing it right. Monitoring: roles and responsibilities – who, me? Mitigation documentation – working it into your processes. Change management – keeping it real and auditable. Communication – Don't forget to share.