I understand that authorizations and controls are at the infotype/subtype level and via structural authorization however I have been asked to find out if it is possible add additional authorizations to prevent payroll users or time entry personnel from entering pay or time in a fraudulent way for relatives, spouses, kids, friends etc. For example a payroll clerk may incorrectly generate a lump some payment to a spouse, or a timekeeper may inflate hours worked for a child. Any suggestions for controls or audit tips and tricks would be appreciated.
↧