GRC
HR
SCM
CRM
BI


Blog

 

Looking to get all your data privacy questions answered?

by Allison Martin

May 24, 2011

Looking to have your questions surrounding data privacy answered? Richard Hunt and Heinrich Wilking from Turnkey Consulting will be hosting a live Q&A on "Protecting HR data privacy" here on Insider Learning Network! Register Today.

Visit the HR Forum on Insider Learning Network on Thursday, May 26, from 11:00 am – 12:00 pm ET and bring your questions about protecting employee data in your SAP HR environment.

Register for this Forum and you'll also receive access to exclusive take-home materials from Richard Hunt’s GRC 2011 presentation “Improve Data Privacy Compliance and Segregation of Duties (SoD) Controls in an SAP ERP Human Capital Management Environment,” previously only available to conference attendees.

Here’s a quick tip from Richard’s presentation being delivered at GRC2011 in Amsterdam.

Key Segregation of Duties requirements in an HR Environment include:

-  Separation of Master Data Maintenance from Payroll Activities

-  Separation of Compensation Administration from Payroll Activities

-  Separation of Time Administration Activities from Payroll Activities

 

Separate Master Data Maintenance from Payroll Activities, why?

-  A user with access to Master Data Maintenance will have authority to change bank details or address data on behalf of employees

-  A person with this access in combination with Payroll processing access could conceal unauthorized payments to a bank account of his or her choice or allow checks to be processed to an unauthorized person or address

Separate Compensation Administration from Payroll Activities, why?

-  A user with access to Compensation Administration will have authority to change basic pay, recurring payments, payment adjustments, and bonus data on behalf of employees

-  A person with this access in combination with Payroll processing access could conceal unauthorized adjustments to payments made either to themselves or an accomplice

Separate Time Administration Activities from Payroll Activities, why?

-  Time Recording Administration will have authority to enter actual overtime, special pay, and absences on behalf of employees

-  A person with this access, in combination with Payroll processing access, could conceal unauthorized updates to actual times recorded

An email has been sent to:






More from SAPinsider



COMMENTS

Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!


SAPinsider
FAQ