Ask Me Help Desk

Ask Me Help Desk (https://www.askmehelpdesk.com/forum.php)
-   Business Plans (https://www.askmehelpdesk.com/forumdisplay.php?f=59)
-   -   Business case (https://www.askmehelpdesk.com/showthread.php?t=830481)

  • Feb 9, 2017, 12:17 PM
    shoaaa
    Business case
    Q: You are currently doing an annual review on SAP accesses as part of your role as Business Expert in SAP Security. You just identified that an employee whose responsibility is to run Payroll has 2 SAP security roles: One that allows her to change employee bank accounts and another that allows her to run the payroll action to pay the employee. Is there any problem with this user's security access and what should you do next?
    Select 1 of the answers below

    * This access is correct. No action needed as she needs both roles to perform her day to day activities. You will capture this on your personal notes to remember in case you got reported an issue with payments being derivated.


    * This is a big security risk for the company as this access would allow the employee to transfer herself big amounts of money. Hence, you need to remove one of the 2 accesses from her: the one that she needs the least. After, once the risk has been addressed, you will work with the team to understand if they really need the role removed and will grant it to someone else who doesn't have the other role.


    * This is a big security risk for the company as this access would allow the employee to transfer herself big amounts of money. Hence, you should verify that the employee really needs both abilities to do her job. If not, you should remove the unneeded access from her. If yes, you should document this properly so that the security team is aware of this risk.


    * This access is correct - otherwise she wouldn't have it- so you should document it and share this information with the security team.
  • Feb 9, 2017, 03:50 PM
    paraclete
    This is an assignment and we don't do your assignments for you. I will give you a clue as you are obviously clueless, study internal control principles

  • All times are GMT -7. The time now is 08:42 AM.