An authorization personnel accidentally created a role for an employee by assigning critical-level parameter values to the P_ORGIN and P_ORGINCON authorization objects, which control access to infotypes in the Human Resources module.
P_ORGIN and P_ORGINCON are the main authorization objects that enable access to infotypes in the Human Resources module. Users who hold these authorizations at a critical level will gain access to sensitive data.
Defencemore OCA's A012 control checks the parameter values assigned to the P_ORGIN and P_ORGINCON authorization objects and lists roles created at a critical level. The K005 and K006 controls list access to payment information. If an employee has accessed tables containing payment data, it is recorded. The A022 control lists all authorization objects assigned to a role, along with their parameter values. Additionally, the A018 control captures and lists critical RFC calls made from external systems.