cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Various Ways to add Z t-code as risk in the system

Former Member

on ‎07-15-2016 12:22 PM

0 Kudos

Hello Team,

In my project, we have almost 80 t-codes that are customized(Z - Tcodes).

All these t-codes are either calling a std t-code or accessing some std tables.

Please note that :- Authority check statement is not maintained for any of the z-tcodes.

In GRC, we have maintained them as risk via two ways:-

1. Adding them as critical action

2. Adding the same t-code in 2 different function (Permission level is not maintained)

Please let me know if there are more other method to achieve the same

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member204479
Active Participant
‎07-15-2016 1:25 PM
0 Kudos

Hello Mili,

If a custom tcode is similar to a standard tcode or basically calls a standard tcode, you might want to add the custom tcode into functions where the corresponding standard tcode exists.

If a custom tcode reads a table then you might want to add it to functions where SE16 / SE17 is available. However, here you would want to add specific auth object values in permission list too.

In any case, it is best to tag permissions, because having risk analysis only based on tcodes does not always give necessary results.

Thanks!

Sammukh

Show replies
Show replies
Ask a Question