A001
Risk Level
High
Description of Risk
Unauthorized maintenance of the planning model and version may
adversely impact the production planning data stored in APO.
This transaction should be limited to a selected demand planning
super user or manager.
Unauthorized deletion of an active planning version may adversely
impact the production planning data stored in APO. This
transaction should be limited to a selected demand planning super
user or manager.
Unauthorized maintenance of the planning model and version may
adversely impact the production planning data stored in APO.
This transaction should be limited to a selected demand planning
super user or manager.
Access to maintain macros/rules should be controlled via the change
management process. Unsupported or incorrect adjustments
made to the macros/rules may result in inaccurate production
planning and production scheduling.
A developer could modify an existing program in production,
perform traces to the program and configure the production
environment to limit monitoring of the program run by increasing
alarm thresholds and eliminating audit trails through external OS
comma
A developer could create or modify a program in production and
force the transport of these changes after the fact to conceal
irregular development practices. This also enables reverting
to the program's original version without any trace of the
changes made in production.
A developer could modify program components (menus, screen
layout, messages, queries) and configure the production
environment to limit monitoring of the program runs using the
modified program components by increasing alarm thresholds
and eliminating audit trail
A developer could modify program components (menus, screen
layout, messages, queries) and force the transport of these
changes after the fact to conceal irregular development
practices. This also enables reverting to the program
components origin
An individual could modify data in tables or modify valid
configuration values and set up the production environment to run
transactions and programs using the inappropriately modified
data. This could affect data integrity, system performance, and
proper
An individual could modify data in tables or change valid
configuration and replicate these changes to other clients. This is
particularly sensitive if client administration transactions come
with client-independent authorization allowing the developer to
TCODE
A002
High
A003
High
A008
High
B002
High
B004
High
B006
High
B008
High
B009
High
B010
High
B011
High
BS10
B012
High
BS10
B017
High
B018
High
B019
High
D003
High
D004
High
D005
High
D006
High
AO02
AO03
AO04
AO09
BS02
BS02
BS04
BS04
BS03
BS03
BS07
BS08
BS13
CR03
CR04
CR04
CR04
D007
High
Enter fictitious service orders for personal use and accept the
services through service acceptance. The user could prompt
fraudulent payments. In addition, spare parts could be
fraudulently issued from inventory as a result of the confirmation.
CR05
D008
High
CR07
D009
High
D010
High
D011
High
CR06
D013
High
CR08
D014
High
D015
High
D016
High
D017
High
D018
High
D019
High
E001
High
E002
High
E003
High
User could create a fictitious credit memo and run billing due in
CRM to prompt a payment to a customer. The customer could
provide a kickback to the internal user.
User could create a fictitious credit memo and run billing due in
R3 to prompt a payment to a customer. The customer could
provide a kickback to the internal user.
Pricing conditions could be manipulated to provide inappropriate
discounts or incentives to customers which will be realized in an
incorrect invoice.
A user could enter a sales order in CRM and lower prices via
conditions for fraudulent gain
Commission or Incentives may be paid based on the number of
qualified leads. Inappropriately qualified leads could result in
fraudulent commission payments.
Commission or Incentives may be paid based on the number of
service orders. Fraudulent orders could be entered to achieve
higher sales for commissions.
Commission or Incentives may be paid based on the number of
sales orders. Fraudulent orders could be entered to achieve
higher sales reporting for commissions.
Maintain a fictitious vendor and enter an invoice to be included in
the automatic payment run
Purchase unauthorized items and prompt the payment by
invoicing
Enter fictitious orders for personal use and accept the goods or
services through goods receipt or service acceptance
E004
High
SR03
E005
High
SR01
E010
High
FI03
E011
High
E012
High
SR06
E013
High
SR06
E014
High
SR02
E015
High
E019
High
E020
High
E021
High
E022
High
E023
High
Enter fictitious orders for personal use and access the goods or
services through goods receipt
Enter fictitious orders for personal use and access the goods or
services through service acceptance
Approve the purchase of unauthorized goods and hide the
misuse of inventory by not fully receiving the order in R3
Where release strategies are utilized, the same user should not
maintain the purchase order and release or approve it.
Create a fictitious vendor or change existing vendor master data
and approve purchases to this vendor
Enter fictitious orders for personal use and manipulate the
organizational structure to bypass approvals
Create or maintain fictitious vendor and manipulate the
organizational structure to bypass approvals or secondary
checks
AR05
CR06
CR08
AR07
CR04
CR02
CR05
CR04
SR01
SR02
SR02
SR06
SR02
SR07
SR02
SR01
SR02
SR01
E024
High
F005
High
F006
High
F007
High
F008
High
F013
High
F014
High
F015
High
F016
High
F017
High
F025
High
F027
High
G001
High
G002
High
G003
High
G004
High
G005
High
G006
High
G007
High
G008
High
G009
High
G010
High
G011
High
G012
High
SR08
FA01
FI04
FA01
AR02
FA02
PS02
PS01
PS01
FI04
FI04
FI08
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
G013
High
EC01
G014
High
H001
High
H002
High
HR01
H003
High
H004
High
H005
High
H006
High
H007
High
H008
High
HR05
H009
H010
High
High
HR04
PY03
H011
High
PY02
H012
High
H013
H014
High
High
HR04
HR03
H015
High
HR03
H016
High
PY06
M006
High
M011
High
M012
High
P001
High
P002
High
Users may enter false time data and perform work schedule
evaluations
Accept goods via goods receipts and perform a WM physical
inventory adjustment afterwards.
Accept goods via goods receipts and perform an IM physical
inventory adjustment afterwards.
Accept goods via goods receipts and perform an IM physical
inventory adjustment afterwards.
Maintain a fictitious vendor and enter a Vendor invoice for
automatic payment
Maintain a fictitious vendor and create a payment to that vendor
P003
High
AP02
P004
High
P005
High
PR02
P006
High
P007
High
Enter fictitious purchase orders for personal use and accept the
goods through goods receipt
Enter fictitious vendor invoices and accept the goods via goods
receipt
Enter a fictitious purchase order and enter the covering payment
P008
High
PR01
P011
High
PR02
P014
High
P016
P019
High
High
EC01
HR03
PY07
HR04
HR04
PY02
HR03
HR04
MM04
MM04
MM04
PR01
AP01
PR02
AP02
PR02
FI03
PR08
PR04
P020
High
PR04
P021
High
P022
High
P023
High
PR04
P026
High
P027
High
PR01
P028
High
P029
High
P030
High
P038
High
P045
High
P046
High
P047
High
P048
High
PR04
P051
High
AP04
P052
High
AP02
P053
High
P054
High
PR08
P055
High
P056
High
AP04
P057
High
P058
High
P059
High
S001
High
S002
High
S003
High
S004
High
S005
High
S006
High
S007
High
S008
High
PR04
PR04
AP01
PR05
AP02
AP01
AP01
PR02
PR02
PR04
PR02
PR04
AP04
AP04
PR02
AR04
SD05
SD05
SD01
SD01
AR03
SD05
AR04
S010
High
S011
High
S012
High
S013
High
S014
High
S015
High
S016
S017
High
High
S018
High
S019
High
S022
High
S023
High
S024
High
S025
High
S026
High
S027
High
S028
High
S029
High
AR02
SD05
AR04
AR07
SD01
SD01
AR06
AR02
SD05
AR07
AR02
AR02
AR05
SD01
AR02
SD02
SD05
AR03
Function 1
APO Maintain Model
APO Model
Management
&
TCODE
AO01
Version
Function 2
APO Supply &
Planning
Tc
Demand
AO01
Demand
AO01
Demand
APO
Define
Macros
AO01
Demand
Basis Development
BS06
Configuration
Basis Development
BS12
Transport Administration
Basis Utilities
BS06
Configuration
Basis Utilities
BS12
Transport Administration
BS11
System Administration
BS05
Client Administration
Security Administration
BS05
Client Administration
Security Administration
BS12
Transport Administration
Create Transport
BS09
Perform Transport
BS11
System Administration
BS14
CR04
SD02
Delivery Processing
CR07
CRM Billing
AR05
Advanced
Function 3
CR06
Service Confirmation
CRM Billing
CR03
CR03
Service Confirmation
CR07
CRM Billing
Service Confirmation
AR05
CR07
CRM Billing
AR05
CR09
Maintain Conditions
CR09
Maintain Conditions
Maintain Opportunity
PY04
Process Payroll
PY04
Process Payroll
PY04
Process Payroll
SR03
SR03
SR04
EBP
/
SRM
Goods
Receipt/Service Acceptance
SR04
EBP
/
SRM
Goods
Receipt/Service Acceptance
SR02
Bank Reconciliation
SR03
EBP
/
SRM
Goods
Receipt/Service Acceptance
EBP
/
SRM
Goods
Receipt/Service Acceptance
MM01 Clear
Differences
Inventory Management
EBP
/
SRM
Goods
Receipt/Service Acceptance
PR08
SR07
SR07
SR09
SR09
Service Acceptance
SR07
AP01
AP Payments
AP02
Cash Application
FI03
PS03
Settle Projects
PS03
Settle Projects
PS02
AR02
Cash Application
AP04
FI09
AP01
AP Payments
Maintain Hierarchies
AP02
Maintain Hierarchies
AP04
Maintain Hierarchies
AR02
Cash Application
Maintain Hierarchies
AR07
Maintain Hierarchies
CC03
Maintain Hierarchies
FA01
Maintain Hierarchies
FA02
Maintain Hierarchies
FI01
Revenue Reposting
Maintain Hierarchies
GL01
Maintain Hierarchies
GL02
Maintain Hierarchies
GL03
Bank Reconciliation
Maintain Hierarchies
PR01
Maintain Hierarchies
SD01
PY04
Process Payroll
HR Benefits
PY04
Process Payroll
HR02
HR Vendor Data
PY01
Approve Time
PY04
Process Payroll
Maintain
Payroll
Configuration
Maintain Employee (PA)
Master Data - 0008 - 0009 (
PY04
Process Payroll
PY02
Maintain
Configuration
Modify PD Structure
HR03
PY03
PY04
Payroll Maintenance
Process Payroll
Maintain
Payroll
Configuration
Maintain Time Data
PY03
Payroll Maintenance
PY02
HR05
HR04
Maintain
Payroll
Configuration
Modify PD Structure
Maintain Time Data
PY03
Payroll Maintenance
Payroll Schemas
HR04
Goods Movements
Goods Movements
MM01 Clear
Differences
Inventory Management
Goods Movements
Vendor Master Maintenance
AP Payments
PR01
AP01
AP Payments
AP02
AP01
AP Payments
PR02
Service Acceptance
PO Approval
AP01 AP Payments
MM05 Goods Receipts to PO
Payroll
PO Approval
AP01
AP Payments
PO Approval
AP02
PO Approval
PO Approval
PR01
AP Payments
PR05
Purchasing Agreements
PR05
Purchasing Agreements
Purchasing Agreements
PR05
Purchasing Agreements
AP Payments
PR03
Service
Maintenance
AP Payments
FI03
Bank Reconciliation
PO Approval
PO Approval
PR01
AP04
AP04
Service Acceptance
AP04
PO Approval
AP04
PR05
Purchasing Agreements
PR03
Service
Maintenance
FI03
Bank Reconciliation
PR04
PO Approval
Credit Management
SD05
AR03
SD01
AR07
SD03
Sales Rebates
AR05
AR05
Credit Management
SD03
Sales Rebates
MM01 Clear
Differences
Inventory Management
MM01 Clear
Differences
Inventory Management
MM08 Clear Differences - WM
Master
Master
Cash Application
AR05
AR01
AR Payments
AR01
AR Payments
SD04
SD02
Delivery Processing
SD06
SD06
AR02
Cash Application
SD03
Sales Rebates
Cash Application
SD01
AR04
Credit Management
SD06
AR03
AR05
AR07
Delivery Processing
AR02
Cash Application
AR07
AR06