Question: Hi All,
Sorry Doc...this is my first time visit this website. Hope you can understand. I have read the Rules already and wont make same mistakes.
Any one can give me some advices on this topic? Appreciate your expertise on this.
My company is an Europ company which has many subsidiary company, for example A, B and C. I need to do a SOD check to see whether users in company A has the access to do transaction for company B or C.
Example, user in company A has the access to request PO/PR for company B and C.
I dont know how to do the check, any report available?
Pls advice. Thanks in advance!
Answer:
are those companies represented as:
1.) clients
2.) company code AND/OR
3.) plants
??
in this case you only have to check your roles (assuming you are working with roles) for organizational levels adding up. Unfortuately i do not know of any report providing this information ... so i suggest you do it manually.
_________________
rgds
fish
Answer:
This can be a pain to do, but is possible to do it manually. There are a couple of approaches, one way is this:
1. Identify all your role combinations that have SoD's. Do this irrespective of company code as it doesn't really matter at this point.
2. Identify your users that have those combinations
another way - configure the SoD report in RSUSR008_009_NEW - it's a bitch to do, but once you have done it, you will be able to use it on an ongoing basis.
Answer:
A quick first step is to look the Purchase order and Purchase requisition transaction codes and look in SU24 to see if Company code is a controlling field. You may find that it is not. If this is the case the answer is YES they can do PO/ PR for other companies, if you do not contorl on other Company unique fields.
_________________
John A. Jarboe
Answer:
Thanks friends...
Seems it is not an easy job, thanks for your all kindly help on this.
I heared that we can download related tables and put them in to microsoft access, it will give you what you want.
Anyone has experience on this before?
Answer:
You can download pretty much anything into Access, but the tricky part is getting the relationships right, as well as making sure that you are actually looking at what you think you are looking at! If you are not careful, you might end up reporting on the wrong thing, giving false sense of security, and some serious findings from the auditors So always double check everything!
How to check cross company access SOD issue?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment