Question:
Hi Gurus,
i came to knw abt the Sarbanes Oxley act from sapfans.
i would like to knw more abt it.i came to knw its related to security.
plz anyone can tell me abt tht.
with regards,
biju
Answer:
Search the forum and you will find it's been covered a few times. Only a tiny part of it relates to security, in fact Sarbox covers pretty much all parts of running a business. Security is just the implementation of a part of it.
Answer:
Take a look at a recent upload to my website
This CD was provided by basisbabe and is from the recent Meeting in Washington on Sarbanes-Oxley Compliance
http://www.sapsecurity.net/storage/SOcompliance/home.html
_________________
Gary Morris
SAP Security Analyst/Developer
garymorris@sapsecurity.net
Answer:
You've got some great resources on your site Gary!
On the subject of the SoX stuff, it seems a good excuse for companies to implement what we have told them to do for the last few years! IMO The Security Best Practices doc from the Sarbox conference should be taken with a pinch of salt, but then auths made easy is the same!
cheers,
al.
Answer:
Thanks Al, all for the community bro' I hope you find it helpful. More to come as soon as I get all my CD backups uploaded to my webhosts.
SOX Compliance takes a lot of people from different departments to implement. SAP Security Administrators mainly will need to be responsible for Auditing SOD, (for SAP that is) but other teams have to help them determine what is a SOD in their company as it relates to FI, etc. I am sure there are plenty of companies that will provide this over all implementation as a project and then leave behind checklists etc to keep it in compliance if you are willing to pay them to do it. But it seems to me that anyway you slice it the Security Admin has to interface with the Business Owners and do a better job of learning the Business Modules.
_________________
Gary Morris
SAP Security Analyst/Developer
garymorris@sapsecurity.net