SAP Security email sent out to CIOs

Former Member
0 Kudos

Have any of you seen or acted on the flag that SAP AG has sent out to all CIOs of organizations, warning them to immediately implement the following 5 security OSS notes?

"Please pay immediate attention to the following security-related service notes, which SAP considers to be especially critical for your systems.

Note 1298160 - Security note: Forbidden program execution possible

Note 1168813 - Security Note: Program DISPLAY_FUNC_INCLUDE

Note 1167258 - Security Note: Program RS_REPAIR_SOURCE

Note 1304803 - Security note: Changing a transport without authorization "

I would like to bounce a few questions out to those of you who are familiar with this, and ask what type of ongoing "continuous monitoring" strategy you currently work with.

Thanks in advance!

Howard Mason

4 REPLIES

Former Member
0 Kudos

My apologies, 4 OSS notes.

HM

0 Kudos

Hi Howard,

These notes were a bit of a speciality in that SAP owned up to them and made every customer aware of them by the custom mailshots and the link on the first page of SAP Service Marketplace. Having said that, there are a couple of really serious ones that we've discussed in recent threads you may have seen.

I periodically check the HotNews and TopNotes links that are in the spotlight news, but that does require a bit of reading up to see if notes are relevant. Fortunately my job description covers this sort of research and my line manager supports the time this takes.

Once I've found a note that could be of interest, I have an excellent ABAP-aware security analyst who can help with the testing of the notes to see if these could impact any of our 34 production SAP instances (you name it, we run it on SAP). My ABAP is too rusty to do this myself, so in such a process you'd need someone with those skills to be able to understand any program-specific issues.

Finally, we run these past our infrastructure guys to make sure we are right with our concerns, as this alerts them to the notes that we might be getting them to apply for us. Again, my Basis knowledge is quite old, so it makes sense to involve the experts in assessing if something really is a risk.

We are looking to expand such an approach to cover functional notes, particularly as we are aware some notes might be being looked at by security, Basis, development and functional teams throughout our organisation. By having a forum we might be able to save effort by one area passing notes of interest to subject matter experts in other teams.

Hope this gives some insight into one approach; if anyone else out there has a better way of doing this, we can all learn.

Regards,

Chris H.

PS > we have applied all of these notes, without any issues to date.

Edited by: Chris Haigh on Apr 17, 2009 6:19 PM

0 Kudos

Thanks Chris

Good weekend!

Cheers,

Howard

Former Member
0 Kudos

Thanks Chris, and I have searched, and will in the future, for prior mention on existing postings on the same.