Open AccessA Segregation of Duties Case Study in the Purchase-to-Pay Process with an SAP Example
Author(s) -
Nancy Jones,
Jim Mensching
Publication year - 2007
Publication title -
ais educator journal
Language(s) - English
Resource type - Journals
ISSN - 1935-8156
DOI - 10.3194/aise.2007.2.1.1
Subject(s) - authorization , legislation , process (computing) , business , business process , process management , control (management) , set (abstract data type) , computer science , accounting , computer security , marketing , work in process , law , artificial intelligence , political science , programming language , operating system
With the advent of legislation dealing with financial responsibility and information assurance, the topic of segregation of duties has gained additional importance. Recent studies have found that segregation of duties is one of the areas in which companies have frequently disclosed material internal control weaknesses under reporting requirements of the Sarbanes-Oxley Act of 2002. This is a case assignment that develops both the theoretical base for segregation of duties and then illustrates how this is accomplished in a highly integrated computerized enterprise business environment. The authorization system within the SAP R/3 system is used to illustrate the implementation of segregated duties in one type of ERP system. There are four steps to the case: assessing risks of the business process, defining positions within the organization to handle a set of defined tasks, developing an authorization matrix for designated employees, and examining the SAP authorizations system.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom