on 08-17-2006 4:08 PM
Our upper management ordered an audit of all roles in our ERP system. The company that audited us came up with a pretty extensive report that basically said a Basis Admin should not have the rights to both create transports and actually move transports. That's just one example. But there were many. Our Basis team is 4 people, yet their recommendations were to have close to 10 segreated duties that, in all my years(10+), have typically been performed by the same role. Clearly, this "report" that the auditor ran was pre-canned and scripted with little input on our specific company/environment. But I want to know - does anyone have any SAP published docs about recomendations on Basis roles and what transactions/duties they encompass?
Any comments on how similar audits at your own company might have gone?
Traditionally, I have seen Basis Admins have SAP_ALL and SAP_NEW in all systems except PROD. But in the SAP Best Practices for Security, Basis admins normally have a role set up that has pretty much everything they need. It does not normall include Security and most business transactions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Basis admins should have all rights in the systems ,i never saw a basis admin having roles in his master record
admins have sap_all and sap_new
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.