PSA maintenance in BW and SOX

Former Member · ‎02-28-2007

Hi all,

while checking our BW system for SOX compliance auditors now have the PSA maintenance possibility discovered as high potential risk.

Does anybody else have already experiences with such a control?

Solution for now is to restrict authorization for PSA maintenance and grant it only case-by-case.

Is there any possibility to monitor changes in the PSA?

Thanks

Stefan

Former Member · ‎02-28-2007

Hi,

check this:

hope it help's

Former Member · ‎02-28-2007

Hi Jerome,

thanks for answer. Restriction on the PSA maintenance is not that problem.

To grant further maintenance without allowing case-by-case access which means only more work for some people it would be good to have a monitoring function of changes in the PSA.

Would be good to have any table which stores any changes.

Thanks

Stefan

Former Member · ‎02-28-2007

Hi Steffan,

Have a look at note 945724 .

Hope it might help you out.

Please award points if it is useful.

Thanks & Regards

Santosh

Former Member · ‎02-28-2007

Hi Santosh,

sorry but as said. The maintenance itself or the restriction on it is not the problem.

To have a table to document what changes have been done would be nice to have.

This would fullfill SOX requirements.

Br

Stefan

Former Member · ‎03-01-2007

Hi Stefan,

I donno if it can help exactly but have a look.

This note shows you how to determine the PSA table name for a request.

1. Implement the ZGET_PSA_TAB report from the correction instructions in your BW system.

2. Determine the request ID of the data request in the monitor.

3. Start the ZGET_PSA_TAB report with this ID request.

4. Now analyze the data in the PSA using transaction SE16.

Please refer note: 500966.

Thanks & Regards,

Santosh