A Framework For Separation Of Duties In An SAP R/3 Evironment
The majority of medium-to-large international organizations have adopted enterprise resource planning systems (ERPs) of which SAP R/3 is the current market leader. This paper proposes a framework for the separation of duties in SAP R/3. Separation of duties is viewed as a critical component of an organization’s internal control structure aimed primarily at reducing opportunities for fraudulent activities. R/3 assigns profiles consisting of authorizations to users. Accordingly, R/3 facilitates the implementation of ‘role-based access control’, where these profiles may be designed consistent with organizational roles and assigned to users performing these roles. This paper proposes a framework for adequate separation of duties using a role-based approach in the Financial Accounting (FI) module of the R/3 system. Case studies were undertaken to refine the framework and to explore its application in a practical environment. This empirical research provided support for the adequacy of the proposed framework.
Impact and interest:
Citation countsare sourced monthly fromand citation databases.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
Full-text downloadsdisplays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.
|Item Type:||Journal Article|
|Keywords:||Role, Based Access Control, SAP R/3, Separation of Duties, Fraud, Authorization, Security|
|Subjects:||Australian and New Zealand Standard Research Classification > COMMERCE MANAGEMENT TOURISM AND SERVICES (150000) > ACCOUNTING AUDITING AND ACCOUNTABILITY (150100) > Auditing and Accountability (150102)|
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > INFORMATION SYSTEMS (080600) > Information Systems Management (080609)
|Divisions:||Current > QUT Faculties and Divisions > QUT Business School|
|Copyright Owner:||Copyright 2003 Emerald Publishing|
|Copyright Statement:||Reproduced in accordance with the copyright policy of the publisher.|
|Deposited On:||09 Oct 2006|
|Last Modified:||05 Jan 2011 23:27|
Repository Staff Only: item control page