on 03-05-2017 10:07 AM
Dear Friends, We recently updated our rule set and we are now trying to remediate the SoD's for conflicting functions AP01 and AP02 especially for risk id: - P003 to start with [ Screen shot attached ].
Please let us know if there is a way to remediate these from security side or will it be mandatory to apply an MC.
Thanks
Raj
Raj,
there are always ways to remediate a risk. It depends on your security requirements if you want to remediate or instead assigning a mitigating control. Remediating itself isn't a problem (from a technical point of view).
Please consider these two documents that might be helpful in your case: http://scn.sap.com/docs/DOC-57447 and https://blogs.sap.com/2014/03/17/defining-mitigating-controls-compensating-controls/
Regards, Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Remediation is done through applying MC. So, please proceed on MC
Regards
Plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
15 | |
3 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.