Application of the access path model with specific reference to the SAP R/3 environment

M.Com. (Computer Auditing) / The management and control of modern day computer systems are becoming more and more trying due to the complexity of systems. This renders the traditional approach to evaluating controls in complex computer systems, inadequate and heightens the need for an alternative audit approach. The complex SAP R/3 environment will be evaluated in terms of security and validity of users and processes. This will be achieved through the use of an alternative audit approach namely, the application of the Access Path and Path Context Models (Boshoff 1985, 1990). The research methodology used during this research may indicate universal application implications for similar complex environments, although this has not yet been proved. The research showed that there are many control features available in the different software c.omponents of the SAP R/3 environment, that can be applied to control access and validity of users and processes. The duplication of control features provided by the software components, requires a global approach to security inthe defined environment. Only when evaluating the environment as a whole, will it be able to make the most effective security decisions. The use of the control matrices developed during this research will ease the global evaluation of the SAP R/3 environment. Although further research is required, the above has proven the usefulness of both the research methodology and the resultant model and matrices.

Identiferoai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:uj/uj:12534
Date07 October 2014
CreatorsPretorius, Maria Rebecca
Source SetsSouth African National ETD Portal
Detected LanguageEnglish
TypeThesis
RightsUniversity of Johannesburg

Page generated in 0.002 seconds