| Role | Privileged Activity | Sample Risky Behavior |
|---|---|---|
| P2P Manager | Authority to maintain vendors, create and approve POs, approve vouchers, and authorize payments | Use of privileges to perform more than one activity per end-to-end transaction (e.g., approve PO and payment for a single procurement) |
| GL Manager | Authority to override privileges to manually modify ledger entries | Use of override privileges to alter revenue or liabilities shortly before closing |
| PeopleSoft DBA | Root, super user, access to SAP database | Modification to a payee name and account number just before a pay run |
| Systems Integration Lead | Privileged accounts for use by the mutually dependent financial systems (allow read/write between applications) | Major deviation in traffic type and volume from the norm (a human hijacking a system account for illicit use) |
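
The P2P Manager and DBA rows above, expressed as detection logic over an audit trail. This is an added example, not part of the original page; the event layout, activity names, sample events and the 24-hour window are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit events (not from a real system):
# (timestamp, user, activity, object id)
EVENTS = [
    ("2024-03-01T09:00", "alice", "create_po",         "PO-1001"),
    ("2024-03-02T10:00", "bob",   "approve_po",        "PO-1001"),
    ("2024-03-05T11:00", "carol", "authorize_payment", "PO-1001"),
    ("2024-03-03T09:30", "dave",  "approve_po",        "PO-1002"),
    ("2024-03-03T09:31", "dave",  "approve_po",        "PO-1002"),  # repeat of same activity
    ("2024-03-06T14:00", "dave",  "authorize_payment", "PO-1002"),
    ("2024-03-14T22:10", "erin",  "modify_payee",      "PAYEE-77"),
    ("2024-03-01T08:00", "erin",  "modify_payee",      "PAYEE-12"),
]

# Hypothetical activity names covering the P2P privileges listed in the table.
P2P_ACTIVITIES = {"maintain_vendor", "create_po", "approve_po",
                  "approve_voucher", "authorize_payment"}

def sod_violations(events):
    """Return {(user, transaction): activities} where one user performed
    more than one distinct P2P activity on the same transaction."""
    seen = defaultdict(set)
    for _ts, user, activity, obj in events:
        if activity in P2P_ACTIVITIES:
            seen[(user, obj)].add(activity)
    # Repeating one activity is not a violation; two distinct ones are.
    return {key: sorted(acts) for key, acts in seen.items() if len(acts) > 1}

def payee_changes_before_run(events, pay_run, window=timedelta(hours=24)):
    """Return payee modifications made within `window` before `pay_run`.
    The 24-hour default is an assumed reading of "just before"."""
    hits = []
    for ts, user, activity, obj in events:
        lead_time = pay_run - datetime.fromisoformat(ts)
        if activity == "modify_payee" and timedelta(0) <= lead_time <= window:
            hits.append((user, obj, ts))
    return hits

if __name__ == "__main__":
    print(sod_violations(EVENTS))
    print(payee_changes_before_run(EVENTS, datetime(2024, 3, 15, 6, 0)))
```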