Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Improvements in SAP HR Security

Former Member
0 Kudos

Hello Guys,

SAP HR Security Needs to be audited.Can anyone mention the Points to look for the Audit Purpose in SAP HR System on the Security Side. Please suggest some points to Check that SAP Security is Perfect in HR system.

Thanks,

Vijay

4 REPLIES 4

Former Member
0 Kudos

There are a lot of SAP audit resources on http://www.auditnet.org

If they are doing a security review it is likely that it will be similar to an R/3 security review but with time spent on access to HR data via infotype access and other methods (SE38/SE16/Queries etc).

Former Member
0 Kudos

Hello,

As Alex mentioned for HR you would be concentarting a lot on access to all the infotypes and their subtypes. This would be a more of HR functional guys job to help you.

Let them list all the infotypes they are using or you can pull a report of all all infotypes being used in your roles. Divide the list based on your HR sub-modules that your using such as payroll, time, benefits, orgmanagement. Based on this info I would like start my review of the HR roles.

Usually its good to restrict employess from self update to majoirty of the infotypes. non-critical infotypes that an employee can update by himself should be listed by your HR guys.

If these basic issues were never taken care off, then you are in a real mess.

Thanks,

Jay

Former Member
0 Kudos

Hello Friends,

When i run a report RHPROFL0 in production on test Mode all the nodes are show me in YELLOW Colour.But it should be green.Does Structural Authorization work if they User Comparison is not done properly.

We have to remove the test mode check mark & run it as it will all be in Green status.Who runs the report.Administrator or the HR Guy.

What are the other major points that i have to check for running a Sucessfull Structural Authorization running.

Please Let me know.

Cheers,

Vijay

Former Member
0 Kudos

Hello Friends,

What worries me here is that roles that has been assigned Indirectly to users are being deleted from users when you run the report. I guess only the first time and the next time they will be assigned again? I'm not sure.

There is something wrong in the setup, because why are roles deleted from users?

Example:

User AALBERTI

If you run the report roles will be deleted from his user. He is maintained in table T77UA and has the profile [ Z_MANAGER ] from table T77PQ assigned.

There is something -


??? Whay are the roles removed???

Kind Regards,

Vijay