Preventing SoD Conflicts: The Importance of Role Management & Governance in ERP Security (SAP ECC & S/4HANA) - part 1
- Adsotech
- Apr 1
Updated: Apr 4
Espoo, Finland - 01.04.2025 Segregation of Duties (SoD) is of utmost importance to prevent errors and fraud. Anyone should be able to recognize that Role Management & Governance are not initiatives that can be picked up and put back down; together they form an ongoing, evolving process that consistently ties up the resources of SAP Security teams.

Fraud in Shanghai:
A recent case of extreme fraud out of Shanghai has drawn significant attention and was outlined in the Economic Times article “100% Attendance? How an HR Manager Fooled a Tech Company of Rs 20 Crore”.
To summarize, the HR manager:
- Had exclusive control over his employer’s payroll system.
- Was able to create fictitious employees, fake attendance records, and link them to phony bank accounts.
- Embezzled over $2 million in payroll and benefits.
- Ran the scheme for eight years (2014–2022).
Granted, if one were to place SoD conflicts in ERP systems on a spectrum of severity, this particular example would sit at the far end of that scale.
However, some facts remain:
- SoD conflicts, ranging from minor vulnerabilities to flaws allowing for outright theft, do happen.
- SoD conflicts are both risky and a hindrance to operations, as they affect process security and tie up the resources of security teams.
- SoD conflicts need to be addressed, but plugging holes as you go is neither a holistic nor a reasonable approach.
The HR fraud case from Shanghai inspired overhauls in HR processes and governance, a positive development. Still, the key takeaway is not a statement like “problem solved”, but rather questions like:
- How can SoD conflicts, big or small, be detected by security teams before the cat is out of the bag?
- What if we could efficiently test roles for SoD conflicts at the point of creation?
Solution: Role Management by Pathlock
Adsotech is a partner of Pathlock, a leading provider of SAP Security Solutions.
The Role Management software is part of Pathlock’s modular Application Access Governance suite. Maintaining roles within your critical business applications is a constant challenge. Pathlock’s Role Management solution is a powerful, visual role builder and manager that lets you assess the audit readiness and quality of existing roles while also allowing you to design new roles that are proven to be compliant through simulations and what-if analysis. Pathlock’s fine-grained role design allows for roles that can dynamically adhere to access policies and promote compliance.
Key Features:
- Compliance-Driven Role Creation – Guarantees that newly designed roles meet security and audit standards.
- Audit Readiness & Quality Assessment – Evaluates the compliance and effectiveness of existing roles.
- Role Simulation & ‘What-If’ Analysis – Tests and validates roles before implementation.
- Fine-Grained Role Design – Ensures dynamic adherence to access policies and compliance requirements.
- Visual Role Builder & Manager – Provides an intuitive interface for creating and managing roles within critical business applications.
For more information, please contact our team at sales@adsotech.com.