A002
High
A003
High
A008
High
B002
High
B004
High
B006
High
B008
High
B009
High
B010
High
Description of Risk
Unauthorized maintenance of planning model and version may adversely impact the production planning data stored in APO. This transaction should be limited to selected demand planning super user or manager.
Unauthorized deletion of active planning version may adversely impact the production planning data stored in APO. This transaction should be limited to selected demand planning super user or manager.
Unauthorized maintenance of planning model and version may adversely impact the production planning data stored in APO. This transaction should be limited to selected demand planning super user or manager.
Access to maintain macros/rules should be controlled via change management process. Unsupported or incorrect adjustments are made to the macros/rules may result in inaccurate production planning and production scheduling.
A developer could modify an existing program in production, perform traces to the program and configure the production environment to limit monitoring of the program run by increasing alarm thresholds and eliminating audit trails through external OS comma
A developer could create or modify a program in production and force the transport of these changes after the fact to conceal irregular development practices. This also enables the reverting back to the program's original version without any trace of the changes made in production.
A developer could modify program components (menus, screen layout, messages, queries) and configure the production environment to limit monitoring of the program runs using the modified program components by increasing alarm thresholds and eliminating audit trail
A developer could modify program components (menus, screen layout, messages, queries) and force the transport of these changes after the fact to conceal irregular development practices. This also enables the reverting back to the program components origin
An individual could modify data in tables or modify valid configuration values and setup the production environment to run transactions and programs using the inappropriately modified data. This could affect data integrity, system performance, and proper
An individual could modify data in tables or change valid configuration and replicate these changes to other clients. This is particularly sensitive if client administration transactions come with client-independent authorization allowing the developer to
An individual could inappropriately modify roles and assignments and reflect this change to the production's mirror copy eliminating the chance to revert to the appropriate setup.
A security administrator could make inappropriate changes to unauthorized security roles, transport them, and assign them to a fictitious user for execution.
Can create transports, add objects to the transport, and move the transport: Can put unauthorized object changes into production, bypassing the Change Control process.
Can reset the number ranges (1) and delete your log/audit trail (2).
One person controlling both the access in the profile/role and the user Ids increases the risk of inappropriate access
A user could create a fictitious business partner and initiate fraudulent sales orders for that partner. Master data such as business partners should not be maintained by the same users who process transactions using that master data.
A user could create a fictitious sales order to cover up an unauthorized shipment.
Inappropriately create or change sales documents and generate the corresponding billing document in CRM.
Inappropriately create or change sales documents and generate the corresponding billing document in R3.
Enter fictitious service orders for personal use and accept the services through service acceptance. The user could prompt fraudulent payments. In addition spare parts could be fraudulently issued from inventory as a result of the confirmation.
User can create a fictitious business partner and then process billing in CRM for that partner.
User can create a fictitious business partner and then process billing in R3 for that partner.
Tc
AO02
AO03
AO04
AO09
BS02
BS02
BS04
BS04
BS03
BS03
D008 D009
High High
CR07 AR05
D010 D011 D013 D014 D015 D016 D017 D018 D019 E001 E002 E003 E004 E005 E010 E011 E012 E013 E014 E015 E019 E020 E021 E022 E023 E024 F005 F006 F007 F008 F013 F014
High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High
Inappropriately accept or confirm a service order and generate a corresponding billing document in CRM for the order.
Inappropriately accept or confirm a service order and generate a corresponding billing document in R3 for the order.
User could create a fictitious credit memo and run billing due in CRM to prompt a payment to a customer. The customer could provide a kickback to the internal user.
User could create a fictitious credit memo and run billing due in R3 to prompt a payment to a customer. The customer could provide a kickback to the internal user.
Pricing conditions could be manipulated to provide inappropriate discounts or incentives to customers which will be realized in an incorrect invoice.
A user could enter a sales order in CRM and lower prices via conditions for fraudulent gain
Commission or Incentives may be paid based on the number of qualified leads. Inappropriately qualified leads could result in fraudulent commission payments.
Commission or Incentives may be paid based on the number of service orders. Fraudulent orders could be entered to achieve higher sales for commissions.
Commission or Incentives may be paid based on the number of sales orders. Fraudulent orders could be entered to achieve higher sales reporting for commissions.
Maintain a fictitious vendor and enter an invoice to be included in the automatic payment run
Purchase unauthorized items and prompt the payment by invoicing
Enter fictitious orders for personal use and accept the goods or services through goods receipt or service acceptance
Enter fictitious invoices and accept goods or services via goods receipt or service acceptance
Maintain a fictitious vendor and initiate purchases to that vendor.
A user can hide differences between bank payments and posted AP records.
Accept goods via SRM goods receipts and perform a WM physical inventory adjustment afterwards.
Accept goods via SRM goods receipts and perform IM physical inventory adjustment afterwards.
Accept goods via SRM goods receipts and perform IM physical inventory adjustment afterwards using powerful IM transactions
Enter fictitious orders for personal use and access the goods or services through goods receipt
Enter fictitious orders for personal use and access the goods or services through service acceptance
Approve the purchase of unauthorized goods and hide the misuse of inventory by not fully receiving the order in R3
Where release strategies are utilized, the same user should not maintain the purchase order and release or approve it.
Create a fictitious vendor or change existing vendor master data and approve purchases to this vendor
Enter fictitious orders for personal use and manipulate the organizational structure to bypass approvals
Create or maintain fictitious vendor and manipulate the organizational structure to bypass approvals or secondary checks
Initiate purchases to selecting goods to be included in a shopping cart then approving the purchase
Create a non bona-fide bank account and create a check from it.
Pay an invoice and hide it in an asset that would be depreciated over time.
Create an invoice through ERS goods receipt and hide it in an asset that would be depreciated over time.
Allows differences between cash deposited and cash collections posted to be covered up
Create the asset and manipulate the receipt of the associated asset.
Post overhead expenses to the project and settle the project without going through the settlement approval process.
CR06 CR06 CR08 CR08 AR07 CR04 CR02 CR05 CR04 SR01 SR02 SR02 SR03 SR01 FI03 SR06 SR06 SR06 SR02 SR02 SR07 SR02 SR01 SR02 SR01 SR08 FI04 FA01 FA01 AR02 FA02 PS02
G002
High
G003
High
G004
High
G005
High
G006
High
G007
High
G008
High
G009
High
G010
High
G011
High
G012
High
G013
High
G014
High
High
Use a fictitious project to allocate overages of an actual project, and settle the project without going through the settlement approval process.
Manipulate the work breakdown structure elements (profit centers, business areas, cost centers, plants) and post overhead expenses to the project
Maintain a non bona-fide bank account and divert incoming payments to it.
Create a non bona-fide bank account and create manual checks from it
Users can create a fictitious trade and fraudulently confirm or exercise the trade
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
AP/AR/GL master data creation and posting functions in conjunction with payment processing, receipt of money, GL account access; and the ability to modify ECCS hierarchy and reporting output
Modify payroll master data and then process payroll. Potential for fraudulent activity.
Change employee HR Benefits then process payroll without authorization. Potential for fraudulent activity.
Change to master data and creating the remittance could result in fraudulent payments.
Change payroll master data and enter time data applied to incorrect settings.
Modify time data and process payroll resulting in fraudulent payments
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
EC01
H006 H007 H008 H009 H010 H011 H012 H013 H014 H015 H016 M006 M011 M012 P001 P002 P003 P004 P005 P006 P007 P008 P011 P014 P016 P019 P020 P021 P022 P023 P026 P027 P028 P029 P030 P038 P045
High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High High
Change configuration of payroll then process payroll resulting in fraudulent payments
Change configuration of payroll then modify payroll master data resulting in fraudulent payments
Change payroll master data and modify PD Structure
Enter false time data and perform payroll maintenance.
Change payroll and process payroll without proper authorization.
Change payroll configuration and perform maintenance on payroll settings.
Modify payroll configuration and enter false time data.
Enter false time data and maintain PD structure
Users may enter false time data and process payroll resulting in fraudulent payments.
Users may maintain employee master data including pay rates and delete the payroll result
Users may enter false time data and perform work schedule evaluations
Accept goods via goods receipts and perform a WM physical inventory adjustment afterwards.
Accept goods via goods receipts and perform an IM physical inventory adjustment afterwards.
Accept goods via goods receipts and perform an IM physical inventory adjustment afterwards.
Maintain a fictitious vendor and enter a Vendor invoice for automatic payment
Maintain a fictitious vendor and create a payment to that vendor
Enter fictitious vendor invoices and then render payment to the vendor
Purchase unauthorized items and initiate payment by invoicing
Enter fictitious purchase orders for personal use and accept the goods through goods receipt
Enter fictitious vendor invoices and accept the goods via goods receipt
Enter a fictitious purchase order and enter the covering payment
Create a fictitious vendor and initiate purchases to that vendor
Inappropriately procure an item and manipulating the IM physical inventory counts to hide.
Can hide differences between bank payments & posted AP records
Receive or accept services and enter the covering payments
Approve the purchase of unauthorized goods and hide the misuse of inventory by not fully receiving the order
Commit the company to fraudulent purchase contracts and initiate payment for unauthorized goods and services.
Release a non bona-fide purchase order and initiate payment for the order by entering invoices
Release a non bona-fide purchase order and the action remain undetected by manipulating the IM physical inventory counts
Create a fictitious vendor or change existing vendor master data and approve purchases to this vendor
Enter fictitious purchasing agreements and then render payment
Risk of entry of fictitious Purchasing Agreements and the entry of fictitious Vendor or modification of existing Vendor especially account data.
Modify purchasing agreements and then receive goods for fraudulent purposes.
Enter unauthorized items to a purchasing agreement and create an invoice to obtain those items for personal use
Risk of modifying service master data (to add a service that is normally not ordered by the company) and the entry of covering payments
Risk of entering unauthorized payments and reconcile with the bank through the same person.
Inappropriately procure an item and manipulating the IM physical inventory counts to hide.
PY02 HR03 HR05 HR04 PY03 PY02 HR04 HR04 HR03 HR03 PY06 MM04 MM04 MM04 PR01 AP01 AP02 PR02 PR02 AP02 PR02 PR01 PR02 FI03 PR08 PR04 PR04 PR04 PR04 PR04 AP01 PR01 PR05 AP02 AP01 AP01 PR02
P046 P047 P048 P051 P052 P053 P054 P055 P056 P057 P058 P059 S001 S002 S003 S004 S005
High High High High High High High High High High High High High High High High High
Inappropriately procure an item and manipulating the WM physical inventory counts to hide.
Release a non bona-fide purchase order and the action remain undetected by manipulating the IM physical inventory counts
Release a non bona-fide purchase order and the action remain undetected by manipulating the WM physical inventory counts
Maintain a fictitious vendor and create a payment to that vendor
Enter fictitious vendor invoices and then render payment to the vendor
Enter a fictitious purchase order and enter the covering payment
Receive or accept services and manually enter the covering check payments
Commit the company to fraudulent purchases and initiate manual check payments for unauthorized goods and services.
Enter fictitious purchasing agreements and then render manual checks for payment
Risk of modifying service master data (to add a service that is normally not ordered by the company) and the entry of covering payments
Risk of entering unauthorized manual payments and reconcile with the bank through the same person.
Where release strategies are utilized, the same user should not maintain the purchase order and release or approve it.
Enter or modify sales documents and approve customer credit limits
Create sales documents and immediately clear customer's obligation
Create a fictitious customer and initiate fraudulent sales document
Make an unauthorized change to the master record (payment terms, tolerance level) in favor of the customer and enter an inappropriate invoice.
Inappropriately create or change rebate agreements and manage a customer's master record in the favor of the customer. Could also change a customer's master record to direct payment to an inappropriate location.
Potentially clear a customer's balance before and create or make the same change to the billing document for the same customer, clearing them of their obligation.
Inappropriately create or change a sales documents and generate a corresponding billing document for it.
Manipulate the user's credit limit and assign generous rebates to execute a marginal customer's order.
Create a billing document for a customer and inappropriately post a payment from the same customer to conceal non-payment.
Create a fictitious customer and initiate payment to the unauthorized customer.
Initiate an unauthorized payment to the customer by entering fictitious credit memos.
Change the accounts receivable records to cover differences with customer statements.
Cover up unauthorized shipment by creating a fictitious sales documents
Sales price modifications for sales invoicing.
Enter sales documents and lower prices for fraudulent gain
Perform credit approval function and modify cash received for fraudulent purposes.
Enter a fictitious sales rebates and then render fictitious payments.
Risk of the same person entering changes to the Customer Master file and modifying the Cash Received for the customer.
Risk of modifying and entering Sales Invoices and approving Credit Limits by the same person.
Risk of Sales Price modifications for Sales invoicing.
Maintain a customer master record and post a fraudulent payment against it
User can create a fictitious customer and then issue invoices to the customer.
User can create/change an invoice and enter/change payments against the invoice.
User can create fictitious/incorrect delivery and enter payments against these, potentially misappropriating goods.
PR02 PR04 PR04 AP04 AP02 PR02 PR08 PR04 AP04 AP04 AP04 PR02 AR04 SD05 SD05 SD01 SD01
S006 S007 S008 S010 S011 S012 S013 S014 S015 S016 S017 S018 S019 S022 S023 S024 S025 S026 S027
High High High High High High High High High High High High High High High High High High High
AR03 SD05 AR04 AR02 SD01 AR06 AR02 SD05 AR07 SD05 AR04 AR02 AR02 AR07 AR05 SD01 SD01 AR02 SD02
S028 S029
High High
User able to create a fraudulent sales contract to include additional goods and enter an incorrect customer invoice to hide the deception.
Create a credit memo then clear the customer to prompt a payment.
SD05 AR03
Tc
AO01
Tc
Function 3
Demand
Version
AO01
Demand
AO01
Demand
Advanced
AO01
Demand
Basis Development
BS06
Configuration
Basis Development
BS12
Transport Administration
Basis Utilities
BS06
Configuration
Basis Utilities
BS12
Transport Administration
BS11
System Administration
BS05
Client Administration
Security Administration Security Administration Create Transport Maintain Number Ranges Maintain User Master Maintain Business Partner
Client Administration Transport Administration Perform Transport System Administration Maintain Profiles / Roles Process CRM Sales Order
Process CRM Sales Order Process CRM Sales Order Process CRM Sales Order Service Order Processing
CR03 CR03
Service Confirmation Service Confirmation Process Credit Memo Process Credit Memo Process Customer Invoices Process CRM Sales Order Maintain Opportunity Service Order Processing Process CRM Sales Order EBP / SRM Vendor Master EBP / SRM Purchasing EBP / SRM Purchasing EBP / SRM Invoicing EBP / SRM Vendor Master Bank Reconciliation EBP SRM Goods Receipt/Service Acceptance EBP SRM Goods Receipt/Service Acceptance EBP SRM Goods Receipt/Service Acceptance EBP / SRM Purchasing EBP / SRM Purchasing EBP / SRM PO Approval EBP / SRM Purchasing EBP / SRM Vendor Master EBP / SRM Purchasing EBP / SRM Vendor Master EBP / SRM Maintain Shopping Cart Maintain Bank Master Data Maintain Asset Document Maintain Asset Document Cash Application Maintain Asset Master Process Overhead Postings
CR07 AR05 CR07 AR05 CR09 CR09 PY04 PY04 PY04 SR03 SR03 SR04 SR04 SR02 SR03
CRM Billing Maintain Billing Documents CRM Billing Maintain Billing Documents Maintain Conditions Maintain Conditions Process Payroll Process Payroll Process Payroll EBP / SRM Invoicing EBP / SRM Invoicing EBP SRM Goods Receipt/Service Acceptance EBP SRM Goods Receipt/Service Acceptance EBP / SRM Purchasing EBP / SRM Invoicing MM08 Clear Differences - WM MM01 Clear Differences Inventory Management -
MM07 Enter Counts - WM MM02 Enter Counts - IM MM03 Enter Counts & Clear Diff - IM MM05 Goods Receipts to PO PR08 Service Acceptance
MM05 Goods Receipts to PO SR07 SR07 SR09 SR09 SR07 AP01 AP02 EBP / SRM PO Approval EBP / SRM PO Approval EBP / SRM Maintain Org Structure EBP / SRM Maintain Org Structure EBP / SRM PO Approval AP Payments Process Vendor Invoices
Maintain Projects and WBS Elements Maintain Projects and WBS Elements Maintain Bank Master Data Maintain Bank Master Data Create / Change Treasury Item Maintain Hierarchies
Settle Projects Process Overhead Postings Cash Application Manual Check Processing Confirm a Treasury Trade AP Payments
Maintain Hierarchies
AP02
Maintain Hierarchies
AP04
Maintain Hierarchies
AR02
Cash Application
Maintain Hierarchies
AR07
Maintain Hierarchies
CC03
Maintain Hierarchies
FA01
Maintain Hierarchies
FA02
Maintain Hierarchies
FI01
Revenue Reposting
Maintain Hierarchies
GL01
Maintain Hierarchies
GL02
Maintain Hierarchies
GL03
Maintain Hierarchies
PR01
Maintain Hierarchies
SD01
Maintain Employee (PA) Master Data - 0008 - 0009 ( HR Benefits 3rd Party Remittance Maintain Time Data Maintain Time Data
Process Payroll Process Payroll HR Vendor Data Approve Time Process Payroll
Maintain Payroll Configuration Maintain Employee (PA) Master Data - 0008 - 0009 ( Modify PD Structure Maintain Time Data Payroll Maintenance Maintain Payroll Configuration Maintain Time Data Maintain Time Data Maintain Employee (PA) Master Data - 0008 - 0009 ( Maintain Employee (PA) Master Data - 0008 - 0009 ( Payroll Schemas Goods Movements Goods Movements Goods Movements Vendor Master Maintenance AP Payments Process Vendor Invoices Maintain Purchase Order Maintain Purchase Order Process Vendor Invoices Maintain Purchase Order Vendor Master Maintenance Maintain Purchase Order Bank Reconciliation Service Acceptance PO Approval PO Approval PO Approval PO Approval PO Approval AP Payments Vendor Master Maintenance Purchasing Agreements Process Vendor Invoices AP Payments AP Payments Maintain Purchase Order
PY04 PY02 HR03 PY03 PY04 PY03 PY02 HR05 HR04 PY03 HR04
Maintain Employee (PA) Master Data - 0008 - 0009 ( Payroll Maintenance Process Payroll Payroll Maintenance Maintain Payroll Configuration Modify PD Structure Maintain Time Data Payroll Maintenance Maintain Time Data MM08 Clear Differences - WM MM01 Clear Differences Inventory Management -
MM07 Enter Counts - WM MM02 Enter Counts - IM MM03 Enter Counts & Clear Diff - IM AP02 Process Vendor Invoices PR01 AP01 Vendor Master Maintenance AP Payments
AP02 Process Vendor Invoices MM05 Goods Receipts to PO MM05 Goods Receipts to PO AP01 PR02 AP Payments Maintain Purchase Order
MM03 Enter Counts & Clear Diff - IM AP02 Process Vendor Invoices AP01 AP Payments MM05 Goods Receipts to PO AP01 AP02 AP Payments Process Vendor Invoices MM01 Clear Differences Inventory Management -
MM02 Enter Counts - IM PR01 PR05 PR05 Vendor Master Maintenance Purchasing Agreements Purchasing Agreements
MM05 Goods Receipts to PO PR05 PR03 FI03 Purchasing Agreements Service Master Maintenance Bank Reconciliation MM01 Clear Differences Inventory Management -
Maintain Purchase Order PO Approval PO Approval Manual Check Processing Process Vendor Invoices Maintain Purchase Order Service Acceptance PO Approval Manual Check Processing Manual Check Processing Manual Check Processing Maintain Purchase Order Credit Management Sales Order Processing Sales Order Processing Maintain Customer Master Data Maintain Customer Master Data
MM07 Enter Counts - WM MM03 Enter Counts & Clear Diff - IM MM07 Enter Counts - WM PR01 AP04 AP04 AP04 AP04 PR05 PR03 FI03 PR04 SD05 AR03 SD01 AR07 SD03 Vendor Master Maintenance Manual Check Processing Manual Check Processing Manual Check Processing Manual Check Processing Purchasing Agreements Service Master Maintenance Bank Reconciliation PO Approval Sales Order Processing Clear Customer Balance Maintain Customer Master Data Process Customer Invoices Sales Rebates
Clear Customer Balance Sales Order Processing Credit Management Cash Application Maintain Customer Master Data Process Customer Credit Memos Cash Application Sales Order Processing Process Customer Invoices Sales Order Processing Credit Management Cash Application Cash Application Process Customer Invoices Maintain Billing Documents Maintain Customer Master Data Maintain Customer Master Data Cash Application Delivery Processing
AR05 AR05 SD03 AR05 AR01 AR01 SD04 SD02 SD06 SD06 AR02 SD03 SD01 AR04 SD06 AR03 AR05 AR07 AR02
Maintain Billing Documents Maintain Billing Documents Sales Rebates Maintain Billing Documents AR Payments AR Payments Sales Document Release Delivery Processing Sales Pricing Condition Sales Pricing Condition Cash Application Sales Rebates Maintain Customer Master Data Credit Management Sales Pricing Condition Clear Customer Balance Maintain Billing Documents Process Customer Invoices Cash Application
AR07 AR06