Skip to Content

Conflicting functions AP01 – AP Payments and AP02 – Process Vendor Invoices for risk id: - P003

Dear Friends, We recently updated our rule set and we are now trying to remediate the SoD's for conflicting functions AP01 and AP02 especially for risk id: - P003 to start with [ Screen shot attached ].

Please let us know if there is a way to remediate these from security side or will it be mandatory to apply an MC.

Thanks

Raj

p003.jpg (42.8 kB)
p003.jpg (42.8 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Mar 05, 2017 at 12:09 PM

    Hi,

    Remediation is done through applying MC. So, please proceed on MC

    Regards

    Plaban

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 06, 2017 at 01:09 PM

    Raj,

    there are always ways to remediate a risk. It depends on your security requirements if you want to remediate or instead assigning a mitigating control. Remediating itself isn't a problem (from a technical point of view).

    Please consider these two documents that might be helpful in your case: http://scn.sap.com/docs/DOC-57447 and https://blogs.sap.com/2014/03/17/defining-mitigating-controls-compensating-controls/

    Regards, Alessandro

    Add comment
    10|10000 characters needed characters exceeded