SOD report

Jaise James

Reputable Poster
All,

We use a tool/Application(ALLOUT) to get a report on SOD conflicts based on the security roles. We certainly have few roles where there are SOD violation, and we have some mitigation controls ( where manual or system ). Is there a way to see if any of those SOD violation actually happen within the system to ensure the mitigation controls were effective.
 
if the SoD violations are UBE based, you can use the WSJ by user to see what they are using. If the issues are application based, the only remedy would be to use Object Usage Tracking available from TR 9.2.1.2 and later.
 
Hello, it is an old post but several customer have asked me for the same. So yes, it is possible to analyse if SOD violation actually happen. I've developed an application for that with a report for theoretical conflict and in comparison proven conflict.
If you are less than Tools 9.2, you can check via audit field in every table users and compare with conflict identified. But to be more efficient, I have also add into my application an audit of all transaction during the days and save it into a table (per day, per user, per table)
If you are on Tools 9.2, you can enable Object Usage Tracking
 
Back
Top