SM30/SM31 and SE16 access in Production systems - Confusion
Hi Security Experts,
Could any one give some information why SE16 or Sm30/SM31 access should not be granted directly in production systems even if its for a custom tables which are assigned to authorisation groups?
I have been going through lot of forums where every one says access to tcodes should be restricted or access need to provided in alternate way but i could not see the clear information on why this is should not be granted?
I can think of risk providing to standard table authorisation groups but i don't understand the reason why custom table access via SM30/Sm31/Se16 should be restricted?
Could any one explain the implications of granting the access directly, if possible please provide information from audit point of view.
In our company there are many users who have got access to SM30/Sm31 to maintain z* tables which are assigned to authorisation groups, is this a security risk?
Please shed some light on this. Your information is much helpful in clearing my doubts and is much appreciated.