SAP Sarbanes-Oxley 51
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
Please refer to this document [isaca.org/Template.cfm?Section=Home-and-Template=/ContentManagement/ContentDisplay.cfm-and-ContentID=12406], called ‘IT control objectives for sarbanes-oxley’. That might be helpful.
-
The question was specific to SAP security - the document linked is too broad top provide anty specific help.
Are there SAP practitioners out there who have specific tips on the security and how to make it compliant for SOX.
-
There is no SPECIFIC answer to this, there is no standard configuration of SAP that results in SOx compliance.
You have to apply judgement in relation to the specifics of your business using an appropriate framework such as CobIT. CobIT tells you the areas you need to address, it is for the business to decide how to do so.
That said. ISACA also have a document about Audit, Control and Security of SAP which may help you address some of those areas.
-
SAP does sell a SOX compliance module / tool. Don’t know much detail about it but it might be worthwhile contacting them. They may even a white paper or something that could give you all the marketting hypw you can handle and maybe even a place to start in your considerations.