Activity | AND | Activity | Risk | RISK LEVEL |
Maintain credit master data | AND | Process sales orders | User can increase a customer credit limit and then process sales orders for that customer leading to irrecoverable debt. | M |
Maintain contract/scheduling agreement | AND | Process sales orders | User can create a fictitious contract and then create sales orders against that contract. | M |
Customer master data maintenance | AND | Process sales orders | User can create a fictitious customer and create orders for delivery to them thereby misappropriating goods. | M |
Process sales orders | AND | Process outbound deliveries | User can create/change sales orders and deliveries to hid the misappropriation of goods. | H |
Process sales orders | AND | Maintain sales deal | User can create sales orders and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Process sales orders | AND | Maintain sales promotion | User can create sales orders and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Process sales orders | AND | Maintain pricing condition records | User can create sales orders and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Process sales orders | AND | Process customer credit note (FI) | User can create/change a credit memo request and then process the credit note. | H |
Process sales orders | AND | Process customer invoices (FI) | User can create/change a sales order and create/change an invoice for the order. | M |
Process sales orders | AND | Process customer invoices (SD) | User can create/change a sales order and create/change an invoice for the order. | M |
Process sales orders | AND | Post parked customer invoice/credit note | User can create/change a sales order and create/change an invoice for the order. | M |
Process outbound deliveries | AND | Process customer credit note (FI) | User can create/change a delivery and create/change a credit note to hide the deception, thereby misappropriating goods. | H |
Process outbound deliveries | AND | Process customer invoices (FI) | User can create/change a delivery and create/change an invoice. | H |
Process outbound deliveries | AND | Process customer invoices (SD) | User can create/change a delivery and create/change an invoice. | H |
Process outbound deliveries | AND | Post parked customer invoice/credit note | User can create/change a delivery and create/change an invoice. | H |
Process customer invoices (SD) | AND | Maintain sales deal | User can create invoices and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Process customer invoices (SD) | AND | Maintain sales promotion | User can create invoices and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Process customer invoices (SD) | AND | Maintain pricing condition records | User can create invoices and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Park customer invoice/credit note | AND | Post parked customer invoice/credit note | User can park and post customer invoices. | M |
Customer master data maintenance | AND | Process customer credit note (FI) | User can create a fictitious customer and then issue a credit note to the customer. | M |
Customer master data maintenance | AND | Process customer invoices (FI) | User can create a fictitious customer and then issue invoices to the customer. | M |
Customer master data maintenance | AND | Process customer invoices (SD) | User can create a fictitious customer and then issue invoices to the customer. | M |
Customer master data maintenance | AND | Post parked customer invoice/credit note | User can create a fictitious customer and then issue invoices to the customer. | M |
Incoming payments | AND | Process customer credit note (FI) | User can clear invoices inappropriately through maintaining customer receipts and customer credit notes. | M |
Incoming payments | AND | Process customer invoices (FI) | User can create/change an invoice and enter/change payments against the invoice. | M |
Incoming payments | AND | Process customer invoices (SD) | User can create/change an invoice and enter/change payments against the invoice. | M |
Incoming payments | AND | Post parked customer invoice/credit note | User can create/change an invoice and enter/change payments against the invoice. | M |
Customer master data maintenance | AND | Incoming payments | User can create a customer and then post payments against the customer. | H |
Customer master data maintenance | AND | Process outbound deliveries | User can create a customer and delivery goods to that customer, thereby misappropriating goods. | H |
Create down-payment request | AND | Post customer down-payment | User can create a down-payment request and post a down-payment. | M |
Post customer down-payment | AND | Process customer credit note (FI) | User can post down-payment and process credit notes. | M |
Post customer down-payment | AND | Process customer invoices (FI) | User can post down-payment and create/change an invoice, thereby reducing customer balances. | M |
Post customer down-payment | AND | Process customer invoices (SD) | User can post down-payment and create/change an invoice, thereby reducing customer balances. | M |
Post customer down-payment | AND | Post parked customer invoice/credit note | User can post down-payment and create/change an invoice, thereby reducing customer balances. | M |
Clear customer down-payment | AND | Process customer credit note (FI) | User can clear down-payment and process credit notes. | H |
Clear customer down-payment | AND | Process customer invoices (FI) | User can clear down-payment and create/change an invoice, thereby reducing customer balances. | M |
Clear customer down-payment | AND | Process customer invoices (SD) | User can clear down-payment and create/change an invoice, thereby reducing customer balances. | M |
Clear customer down-payment | AND | Post parked customer invoice/credit note | User can clear down-payment and create/change an invoice, thereby reducing customer balances. | M |
Clear customer down-payment | AND | Incoming payments | User can clear down-payment and process incoming payments. | M |
Create rebate agreement | AND | Settle rebate agreement | User can create/change and settle rebate agreements, thereby granting customers inappropriate credits. | M |
Settle rebate agreement | AND | Process customer credit note (FI) | User can create credit notes and settle rebates, therefore changing the authorised rebate amount. | M |
Settle rebate agreement | AND | Process customer invoices (FI) | User can create invoices and settle rebates, therefore changing the authorised rebate amount. | M |
Settle rebate agreement | AND | Process customer invoices (SD) | User can create invoices and settle rebates, therefore changing the authorised rebate amount. | M |
Settle rebate agreement | AND | Post parked customer invoice/credit note | User can create invoices and settle rebates, therefore changing the authorised rebate amount. | M |
Maintain credit master data | AND | Customer master data maintenance | User can create a customer and potentially assign/increase a customer credit limit inappropriately thereby potentially increasing exposure to bad debts. | M |
Maintain credit master data | AND | Maintain contract/scheduling agreement | User can increase a customer credit limit and then process a contract for that customer leading to irrecoverable debt. | M |
Maintain contract/scheduling agreement | AND | Customer master data maintenance | User can create a fictitious customer and then create a contract against that customer. | M |
Maintain contract/scheduling agreement | AND | Create rebate agreement | User can create a fictitious contract and then create rebates against that contract, granting customers inappropriate credits. | M |
Maintain contract/scheduling agreement | AND | Maintain sales deal | User can create a contract and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Maintain contract/scheduling agreement | AND | Maintain sales promotion | User can create a contract and then maintaining pricing against that contract, thereby over-charging customers or giving them unauthorised discounts. | M |
Maintain contract/scheduling agreement | AND | Maintain pricing condition records | User can create a contract and maintain pricing, therefore over-charging customers or giving then unauthorised discounts. | M |
Maintain contract/scheduling agreement | AND | Incoming payments | User can create a contract for a customer and then post payments against that contract/customer. | M |
Process outbound deliveries | AND | Maintain contract/scheduling agreement | User can create a fictitious contract for a customer and process outbound deliveries against the contract. | M |
Process outbound deliveries | AND | Incoming payments | User can create fictitious/incorrect delivery and enter payments against these, potentially misappropriating goods. | H |
Process sales orders | AND | Incoming payments | User can create/change a sales order and process incoming payments inaccurately/fraudulently, potentially resulting in losses to the company. | H |
Process sales orders | AND | Process Revenue Recognition | Users with authorization to process sales orders as well as the authorization to process the revenue recognition list have the ability to create/change sales orders and edit the amount/timing of the related revenue recognition. | H |
Process sales orders | AND | Create rebate agreement | Users with authorization to maintain sales rebates as well as process sales orders have the ability to create sales orders to customers with unapproved sales rebates. | M |
Customer master data maintenance | AND | Post customer down-payment | The ability to enter or modify down payments for customers and the ability to create or modify customer account information should be segregated. If the same person can process both items, unauthorized changes could be made and possibly not detected. This could result in reduced cash collections, potentially inflated accounts receivable general ledger balances, fraud, etc. | H |
Customer master data maintenance | AND | Clear customer down-payment | The ability to enter or modify down payments for customers and the ability to create or modify customer account information should be segregated. If the same person can process both items, unauthorized changes could be made and possibly not detected. This could result in reduced cash collections, potentially inflated accounts receivable general ledger balances, fraud, etc. | H |
Description | Transaction |
Revenues |
|
|
|
Maintain contract/scheduling agreement |
|
Create scheduling agreement | VA31 |
Change scheduling agreement | VA32 |
Create contract | VA41 |
Change contract | VA42 |
|
|
Maintain credit master data |
|
Credit limit changes | FD24 |
Change customer credit management | FD32 |
Credit management mass change | FD37 |
Credit management mass change | F.34 |
Customers: Reset credit limit | F.28 |
Credit Limit Data mass change | S_ALR_87009999 |
Reset Credit Limit for Customers | S_ALR_87012220 |
|
|
Create down-payment request |
|
Create down-payment request | F-37 |
Create down-payment request | FBA1 |
|
|
Post customer down-payment |
|
Post customer down payment | F-29 |
Post customer down payment | FBA2 |
|
|
Clear customer down-payment |
|
Clear customer down payment | F-39 |
Clear customer down payment | FBA3 |
|
|
Process sales orders |
|
Create sales order | V-01 |
Create sales order | VA01 |
Change sales order | VA02 |
|
|
Maintain sales deal |
|
Create sales deal | VB21 |
Change sales deal | VB22 |
|
|
Maintain sales promotion |
|
Create promotion | VB31 |
Change promotion | VB32 |
Create promotion | WAK1 |
Maintain promotion items | WAK12 |
Change promotion | WAK2 |
|
|
Maintain pricing condition records |
|
Create condition table (SD price) | V/03 |
Change condition table (sales pr) | V/04 |
Condit: Pricing SD - Index in Backgr | V_I7 |
Condit: Pricing SD - Index in Backgr | V/I5 |
Create condition | VK11 |
Change condition | VK12 |
Creation condition with reference | VK14 |
Create condition | VK15 |
Creation condition with reference | VK16 |
Change condition | VK17 |
Change condition without menu | VK19 |
Condition maintenance: Create | VK31 |
Condition maintenance: Change | VK32 |
Condition maint: create with refer | VK34 |
Change condition table | VK04 |
Create condition table | VK03 |
Create material price | V-41 |
Change material price | V-43 |
Change price list | V-47 |
Change Cust. Price | V-51 |
|
|
Create rebate agreement |
|
Create rebate agreement | VBO1 |
Change rebate agreement | VBO2 |
Condition table: create rebate | OV20 |
Condition table: change rebate | OV21 |
Rebate Group Maintenance | VB(6 |
|
|
Settle rebate agreement |
|
Rebate agreement settlement | VB(7 |
Rebate agreement settlement | VB(D |
|
|
Process outbound deliveries |
|
Create delivery | VL01 |
Create outbound delivery with order ref | VL01N |
Create outbound delivery w/o order ref | VL01NO |
Change outbound delivery | VL02 |
Change outbound delivery | VL02N |
List of outbound deliveries for Goods Issue | VL06G |
Edit user-specific delivery due list | VL10 |
Sales orders due for delivery | VL10A |
VL10 Background planning | VL10BATCH |
Order items due for delivery | VL10C |
Order schedule lines due for delivery | VL10E |
Documents due for delivery | VL10G |
Items due for delivery | VL10H |
Schedule lines due for delivery | VL10I |
Create decentralised delivery | VL11 |
Delivery creation in background | VL12 |
Post goods issue in background | VL21 |
Goods issue (background processing) | VL23 |
Goods issue (background processing) | VL23N |
Sales Orders/Purchase Orders Worklist : Selection | VL04 |
|
|
Process customer credit note (FI) |
|
Enter customer credit memo | F-27 |
Enter outgoing credit memos | FB75 |
|
|
Process customer invoices (FI) |
|
Enter customer invoice | F-22 |
Enter outgoing invoice | FB70 |
|
|
Process customer invoices (SD) |
|
Create billing document | VF01 |
Change billing document | VF02 |
Process billing due list | VF04 |
Batch billing | VF06 |
Cancel billing document | VF11 |
Create invoice list | VF21 |
Change invoice list | VF22 |
List blocked billing documents | VFX3 |
|
|
Park customer invoice/credit note |
|
Park customer invoice | F-64 |
Park customer credit memo | F-67 |
Park document | FBV1 |
Change parked document | FBV2 |
Change parked document (header) | FBV4 |
Park outgoing invoice | FV70 |
Park outgoing credit note | FV75 |
|
|
Post parked customer invoice/credit note |
|
Post parked document | FBV0 |
Post parked document | FBVB |
|
|
Incoming payments |
|
Post with clearing | F-04 |
Post incoming payments | F-06 |
Incoming payments fast entry | F-26 |
Post incoming payments | F-28 |
Post with clearing | F-30 |
Post with clearing | F-51 |
Post incoming payments | F-52 |
Post with clearing | FB05 |
Post with clearing | FB05_OLD |
Post incoming payments | FBZ1 |
Incoming payments fast entry | FBZ3 |
Create payment advice | FBE1 |
Change payment advice | FBE2 |
Clear customer | FB1D |
Cash journal | FBCJ |
Clear customer | F-32 |
Post lockbox data | FLBP |
Postprocessing lockbox data | FLB1 |
Post check deposit data entered externally | FFB5 |
Interface for check deposit data entered externally | FFB4 |
Interface for check deposit data entered externally | FF/4 |
Post check deposit data entered externally | FF/5 |
|
|
|
|
Customer master data maintenance |
|
Create customer (accounting) | FD01 |
Change customer (accounting) | FD02 |
Block customer (accounting) | FD05 |
Mark customer for deletion (acctng) | FD06 |
Create customer (sales) | VD01 |
Change customer (sales) | VD02 |
Block customer (sales) | VD05 |
Mark customer for deletion (sales) | VD06 |
Create customer (centrally) | XD01 |
Change customer (centrally) | XD02 |
Block customer (centrally) | XD05 |
Mark customer for deletion (centr) | XD06 |
Customer master mass maintenance | XD99 |
Mass change | MASS |
Maintain customer | FD02CORE |
Create ordering party | V-03 |
Create invoice recipient | V-04 |
Create payer | V-05 |
Create consignee | V-06 |
|
|
Process Revenue Recognition |
|
Revenue recognition worklist | VF44 |
Revenue recognition: Revenue report | VF45 |
Revenue recognition: Cancellation | VF46 |
No comments:
Post a Comment