sap security and controls l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
SAP Security and Controls PowerPoint Presentation
Download Presentation
SAP Security and Controls

Loading in 2 Seconds...

play fullscreen
1 / 13

SAP Security and Controls - PowerPoint PPT Presentation


  • 156 Views
  • Uploaded on

SAP Security and Controls . Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations . Agenda. Increased Focus on Security & Controls SAP R/3 Security Risks & Controls Security Management Security Compliance Tools Questions.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SAP Security and Controls' - dorjan


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
sap security and controls

SAP Security and Controls

Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations

agenda
Agenda
  • Increased Focus on Security & Controls
  • SAP R/3 Security Risks & Controls
  • Security Management
  • Security Compliance Tools
  • Questions
increased focus on security and controls
Increased Focus on Security and Controls
  • Fraud (Barings Bank,WorldCom, Enron,...)
  • Security Breaches (UCs, BC, Stanford...)
  • Regulatory Compliance
    • Sarbanes-Oxley (SOX)
    • Family Educational Rights and Privacy Act (FERPA)
    • Gramm-Leach-Bliley Act (GLBA)
    • Health Insurance Portability and Accountability Act (HIPAA)
security risks
Security Risks
  • Access Control
    • Do some users have too much access?
    • Sufficient access restrictions to private information?
  • Segregation of Duties (SoD)
security compliance tools internal controls
Security Compliance Tools – Internal Controls
  • “Internal Controls are processes designed by management to provide reasonable assurance that the Institute will achieve its objectives” (From MIT’s Guidelines For Financial Review and Control)
  • Cost of implementing control should not exceed the expected benefit of the control
  • “Security is a process not a product”
security compliance tools
Security Compliance Tools

Who has access to sensitive transactions?

Are there any SoD violations?

  • Real-Time Monitoring
  • Remove access or assign mitigating controls
  • Reduce time and effort when providing information to auditors
  • Used during implementation of new modules
sod rules matrix
SoD Rules Matrix
  • Predefined SoD Rule Set
  • Can Add Custom Transactions to Rule Set
virsa compliance calibrator10
Virsa-Compliance Calibrator
  • Resolve SoD Issues
security compliance software vendors
Security Compliance Software Vendors
  • Virsa
  • Approva
  • Oversight Systems
  • Big 4 (E&Y, PwC, KPMG, Deloitte)
benefits of security compliance tools summary
Benefits of Security Compliance Tools - Summary
  • Run with SAP R/3
  • Automate SoD analysis
  • Automate monitoring of critical transactions
  • Quick assessment of authorization compliance for business users, auditors, and IT security staff
  • Used during development/project efforts
  • Avoid manual analysis and false positives