SAP R/3 Security in the Sarbanes Oxley Era - 7 Steps for Better SOX Compliance
- 1.Provide users access on a need to know and need to do basis.
- 2.Adequately secure programs, transactions and tables.
- 3.All user accesses to SAP R/3 are properly authorized and approved.
- 4.Segregation of duties is maintained for all sensitive business transactions.
- 5.All controls and business processes are documented.
- 6.Anti-fraud preventive controls are in place to prevent & detect fraud before an audit.
- 7.User profiles and roles in SAP are secured and designed to meet business requirements.