Document types give the user the ability to change various security settings related to documents such as whether a buyer can approve their own PO, whether an approver can modify a document, etc. Risks vary based on the setting(s) changed. Some of the settings are integral to key controls (for SOX purposes), critical for fraud prevention, and critical for operational purposes. The impact of any changes should be reviewed. |