How can we prevent self-assignment of roles by Admins to ensure compliance with SOX controls?
Summary:
An auditor was assigned admin access to view audit trails. However, during testing, it was found that the user (auditor) could assign roles to himself - was able to add the required roles and post journals - violating the core principle of audit and raising a SOX compliance concern.
Version (include the version you are using, if applicable):
25.04.59