on 01-17-2015 3:18 PM
I am in Auditing we are just implementing a single instance of SAP across the globe. What are some of the keys thing we should focus on to audit basis?
Hello Sunday,
These could be the keys;
Audit or Security of hardware, OS and DB are also important for audit. You must take care of these.
I will give some key points for SAP layer.
These are taken from EWA reports security sections (You can check one of EWA report how to obtain these users)
* Super User Accounts SAP_ALL
* Users Authorized to Change all Tables
* Users Authorized to Start all Reports
* Users Authorized to Debug / Replace
* Users Authorized to Display Other Users Spool Request
* Users Authorized to Administer RFC Connections
* Users Authorized to Reset/Change User Passwords
Also check;
* Users Authorized to create or change users
* Users Authorized to change client settings and system change option
* Users Authorized to create, change, delete, assign roles and profiles
* Users Authorized to import, create requests
* Users Authorized to change RFC connections
* Users Authorized to administor background processing
* Users Authorized to change profiles
Regards,
Yuksel AKCINAR
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.