header background image

How secure is your SAP authorization concept?

March 3, 2020

by

Peter Rattey

#

SAPAuthorization

#

SAPCompliance

This blog article is going to help you further…

… The man who never lived!

In a German company, wages were paid over several years to an employee who never existed. The case, whose cause can be found in missing SoD rules, became known as “The Man Who Never Lived”.

… and suddenly 50 million Euros are gone!

December 23, 2015 will go down as a black day in the company history of an Austrian aircraft supplier. On this day, an employee from the financial accounting department transferred the first 13 million euros to Internet fraudsters. They had set up a fake e-mail address of the CEO and pretended to the employee that this was a strictly confidential transaction for a company purchase. The correspondence comprises around 40 mails to build trust and follows the classic pattern of a so-called “Fake President Fraud or CEO Fraud”. The damage to the listed company is enormous. By the time the more than ten debits were noticed on 19 January 2016, a total of 50 million euros had been lost. The money has flowed to China, Taiwan and Slovakia.

Source: https://www.nachrichten.at/wirtschaft/wirtschaftsraumooe/Wie-der-FACC-50-Millionen-abhanden-kamen;art467,2109585

No items found.
No items found.
WHITE PAPER – enhance your knowledge!

SAP Access & Authorizations

Learn how to manage your SAP GRC Authorizations

Tablet showing the cover page of the document

… Can this happen to you?

Are you sure that you are protected against it?

Which employees have extended authorizations, can you exclude fraudulent actions? That means are they technically excluded?

Do you have an overview of your critical actions and SOD conflicts?

… VOQUZ Labs has the solution, because the next audit is coming!

We analyze your SAP system for weaknesses, risks and violations of the law.

Further we check for separation of functions risks (SOD conflicts) and for critical individual SAP authorizations from a catalog of 350 critical combinations and 150 critical activities and 50 general system checks.

If violations are detected, we will also show you the optimal solutions.

…you still have questions?

Contact us about our SAP Compliance Check and have your system tested by VOQUZ Labs so that you are spared the scenarios mentioned above.

ABOUT THE AUTHOR

Peter Rattey

Peter Rattey is the founder of VOQUZ Labs. He invented samQ and is still intensively involved in samQ's further development. Peter is one of our most experienced advisors.

SEND US A MESSAGE

Do you have any questions or something to add? Just leave us a message, please! Your message will be delivered by e-mail to us and will not be published.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Illustration of a woman editing documents

Register for our newsletter now!
Keep yourself up to date!

Thank you! Your successfully signed up for our newsletter.
Oops! Something went wrong while submitting the form.

MORE RELEVANT ARTICLES

Thumbnail that links to the post below

Streamlining Internal Controls with remQ: An Introduction to a Blog Post Series

15.11.2024

|

SAPCompliance

Thumbnail that links to the post below

Quick Do-It-Yourself Analysis of Single Action Violations in Your SAP System

13.11.2024

|

SAPAuthorization

Thumbnail that links to the post below

Important Updates for remQ: Transition to S/4HANA and New Features

30.10.2024

|

SAPCompliance