Big4Guy
Big4GuyWelcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.
|
Post details: SAP R3 Auditor Authorizations - Authorization Required for SAP Auditing
07/26/06
07:15:38 am, Categories: SAP R/3 Technical Interview Questions & Answers, Sarbanes Oxley, SAP R/3, SAP FICO, 236 words 
SAP R3 Auditor Authorizations - Authorization Required for SAP Auditing
To successfully audit the SAP R/3 system, the auditor needs to have an appropriate level of access in the SAP system. As a basic rule of auditing, SAP auditors should have display access authorization to the various functions / transaction codes within SAP. Auditors normally receive display access to the production client in SAP. This enables the auditor's to browse through live data in the system with view access.
In some cases, where an auditor is required to check the SAP system configuration or configurable controls in SAP, auditors may request access to the test SAP environment. This is done so that auditors can pass test or dummy entries in SAP R/3 to test the system logic and how transactions are processed. In no case should the auditor have modify / change access to the production client in SAP. This may have legal consequences which may have an adverse impact on the engagement. I would also suggest getting a express letter from the management which outlines the access authorization in SAP R/3.
As such SAP provides certain standard display authorizations which the auditor can request.
F_ANZ - This is the display authorization for the financial module
A_ANZ - This is the display authorization for Fixed Assets
M_ANZ - Display authorizations for material and logistics operations
S_A_SHOW - Display for SAP BASIS transactions.
Related Posts
Correction & Transport System in SAP , Authorization Concept in SAP , SAP Number Ranges
Comments:
No Comments for this post yet...
Categories
Archives
Search
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|---|---|---|---|---|---|
| << < | > >> | |||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | |||||
Misc
All content copyright © 2005-2008
Big4Guy.com
Do not reproduce either in part or full without the express permission of the
Webmaster
