Blog

The queries made by auditors always give us a headache, either because of the difficulty in finding the right answer or because it forces us to dedicate time that we do not have. That is, a headache always! After reviewing the system with their own software tools, they give us their reports to which we […]

Septiembre 16, 2023

How to respond to auditors’ requirements?

Can you imagine having a scanner that allows you to detect vulnerabilities and risks in the privileges assigned to user accounts? Imagine how you could strengthen the security of your SAP system proactively and efficiently: The new CentinelBox service will allow you to proactively take action to resolve them and achieve favourable and beneficial results: […]

Agosto 30, 2023

Scanning Vulnerabilities and Risks in User Accounts, Roles, and Profiles Security in SAP ECC and S/4 HANA

Improving the quality of SAP System security is not a matter of time. Improvements and remediation of roles between 10% and 25% of the time using standard methods! The need to enhance security always faces a significant obstacle: time and available personnel for the task. With CentinelBox, you can perform tasks in much shorter timeframes […]

Agosto 30, 2023

Increase Your Productivity with CentinelBox

Solución efectiva para eliminar roles no utilizados y optimizar la asignación de usuarios

Risks in SAP: Are all risks identified, and are we working to resolve them? Are there risks that we are unaware of or that are hidden? In strictest rigor, it is likely that we will never have all risks fully controlled. However, it is imperative to know them all and establish a work plan for […]

Junio 6, 2023

Identifying Visible and Hidden Risks in SAP.

Did you know that there may be zombie profiles within your SAP system? One way to detect fraud or misuse of authorizations is by chance or accident. Once the cause-and-effect is identified and a solution is found, it allows for the development of this tip. In an analysis of used transactions that were not assigned […]

Mayo 8, 2023

Fast Checklist 15: Be careful with zombie profiles in SAP

perfiles zombies sap

This is a great question that we get more often than you expect.  Let’s see the different roles that own CentinelBox depending on the size and nature of the company. For most of our clients, finance owns CentinelBox, mainly when there is a thin line between finance and audit/compliance or when systems are more cloud-based […]

Enero 19, 2023

Who should be the owner of CentinelBox?

Some people may disagree with this statement, but it is a fact. Internal controls are the processes implemented by companies to ensure their objectives are met. They are the parts of the business process which provide mechanisms that could prevent inaccuracies or frauds, whether they were triggered by mistake or not. Preventive v/s Detective controls  […]

Enero 19, 2023

Control is always rewarding

variables críticas sap

It is common that investment and SAP system security project development decisions are based on the seriousness of the observations made by the External Auditors in their reviews. In addition, the executive level generally undervalues the auditors’ observations, so it is likely that the lack of action on security is always the same.   The auditors’ […]

Enero 3, 2023

Are you comfortable with SAP security reports provided by external auditors?

seguridad SAP

By this name, I mean when managers, executives, and security officers try to explain issues from SAP when implementing a project  (and many of these issues have also been inherited). Problems in terms of security quality in the user accounts, roles, profiles, and privileges that have been given to them. By this name, I mean when managers, […]

Noviembre 22, 2022

The Original Sin

La asignación de la transacción SE16 o SE16N presenta riesgos por cuento siempre será posible acceder a información de cualquier tabla en el sistema como también, con los permisos adecuados, incluso modificar datos. Por tal razón siempre su asignación es objetada por los auditores. La solución que se presenta a continuación consiste en crear una […]

Diciembre 17, 2020

3 Tip SAP – Cómo la Transacción SE16 puede ser Asignada Sin Riesgos