Using SAP System Configuration Security Test to Comply with Sarbanesoxley Act
نویسنده
چکیده
Most observers would agree that the Sarbanes-Oxley Act (SOA) is the single most important piece of legislation affecting corporate governance, financial disclosure and the practice of public accounting. On the other hand, the SAP system is the most widely used ERP (Enterprise Resource Planning) system in the world. There are thousands of seamlessly linked components and subsystems. Conducting security tests in a complicated ERP system is still a major challenge. Based on the study of the SAP system configuration security testing at the author’s company, this work-in-progress paper will discuss related configuration security weakness in SAP system and suggest practical solutions to enhance the security control of SAP to comply with SOA.
منابع مشابه
An Overview of Laws and Standards for Health Information Security and Privacy
In the complex technological world that healthcare organizations and their business associates operate, there exist security threats and attacks which render individually identifiable health information vulnerable. Laws exist to ensure that healthcare providers take practical measures to address the security and privacy needs of health information. There are also standards that assist healthcar...
متن کاملFormal approach on modeling and predicting of software system security: Stochastic petri net
To evaluate and predict component-based software security, a two-dimensional model of software security is proposed by Stochastic Petri Net in this paper. In this approach, the software security is modeled by graphical presentation ability of Petri nets, and the quantitative prediction is provided by the evaluation capability of Stochastic Petri Net and the computing power of Markov chain. Each...
متن کاملAutomated Checking of SAP Security Permisisons
Configuring user security permissions in standard business applications (such as SAP systems) is difficult and error-prone. There are many examples of wrongly configured systems that are open to misuse by unauthorised parties. To check permission files of a realistic size in a medium to large organisation manually – a typical number would be 60,000 entries – can be a daunting task which is ofte...
متن کاملA New Method for Intrusion Detection Using Genetic Algorithm and Neural network
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorit...
متن کاملA Novel Active Filter for Mitigation of EMI and Other Adverse Effects of PWM Inverter-Fed AC Motor
This paper presents novel active filter for mitigation electromagnetic interference (EMI) and other adverse effects of pulse width modulation (PWM) inverter-fed AC motor system. An active filter proposed and devised for this system is characterized by sophisticated connection of two small separate filters, capable of mitigating all the adverse effects. This paper provides high frequency models ...
متن کامل