Skip to Content

S-OX Question

In terms of S-OX compliance who is responsible for the OADP configuration required for MSS in the backend? Is it the Business Analyst or the Technical Resource? I am a Technical Resource & having a hard time convincing our folks to give me SPRO Authorization & thereby do the OADP config. I would appreciate if anyone can share the thoughts/experiences on this issue.

~Suresh

Add a comment
10|10000 characters needed characters exceeded

Related questions

3 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Feb 15, 2007 at 05:01 PM

    Hi Suresh,

    Not sure what your Business process is but logically the Business analyst should give you the requirements for you to do the configaration.Thats my take on it.

    Regards

    Uday

    Add a comment
    10|10000 characters needed characters exceeded

    • We use this tool called VIRSA that does the S-OX compliance analysis..

      typically a Developer isn't supposed to have the IMG ie the SPRO authn.. my argument (that has no takers) is that, if the developer knows how do the config & the BA doesn't know it, why not let the Developer do it.. but at our place it amounts to crossing the SOD border( Segregation Of Duties).. just wanted to check how others deal with such issues.. As of now, I show the BA what needs to be done & meet the reqt...

      ~Suresh

  • Posted on Jul 01, 2007 at 02:50 AM

    don't expect any further responses..

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Suresh,

      It happens several times with all , well in this case what I prefer to do is just waiting for the right time and checking for the right opportunity. In the mean time doing it in development , due to this my dev ID also they blocked although never sit ideal either helping all guys or just having fun in SDN.

      Never mind and go ahead collecting and sharing knowledge and smartly check to opportunity.

      Manoj Shakya

  • Posted on Feb 15, 2007 at 08:05 PM

    haha My experience....VIRSA is a tool for "suggestions" not "absolutes". I am a technical consultant with functional knowledge as well. Therefore, I wear several hats at times....nothing that cause conflicts with SOX but just cross-discipline. Anyways, it has been my experience than in regards to ESS and MSS config, it is more technical than anything and thus, I tend to have to do it. The config for ESS/MSS from a business standpoint is little to none....ESS/MSS basically sits on top of what is configured in the true business areas of HR config.

    Now, if "they" just don't get that and they want to pay you to sit over an analysts shoulder and instruct "click here, enter this, go there, do that"....then I'd say fine. You brought up the concern and they ultimately made the decision. Have fun!

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.