One of the common processes for SAP Security auditing is looking at the security transports, approval process of the User management and looking at sensitive t-codes, sensitive objects, profiles and hot t-codes.

Security Transports:  Pick 5 or 10 transport and look at the approval process and results recorded for each of the transports

User Management Approval: Pick 10 users and review the approval process for each of the users

Sensitive T-codes:   Looking at sensitive t-codes like maintain number ranges, open close period and seeing how many people have access to the Transactions

Sensitive objects:  Look at object like S_Program ,  S_TABU_DIS  etc in the system and see how many roles have open access

Profiles:  Look at sap profiles used by the users in the system

Hot T-Codes:  User who have basis Transactions.

OneAccess-UserManager also helps you manage the complex documenting, testing, process control, and sign-off requirements mandated by Sarbanes-Oxley sections 302, 404, and 409

 

Selva Kumar

Vice President- SAP Practice

OneAccess-UserManager for SAP

SAP Certified-Powered by Netweaver

http://www.softsquare.biz/oneaccess/

selva@softsquare.biz

Phone: 1 877 717 5487

Automate and Meditate