Excessive access control in SAP R/3


Excessive access control is one of common finding made by IS auditor when auditing SAP R/3 application. This finding is very easy to be found especially if the SAP implementation is quite new.

This is common to be founded since during early implementation, assurance and governance is not a major issue compare to application performance. So after this stage we can see a lot of access given to unauthorized user such as vendor and third party user account.

So its really recommended that every company, who already implemented the SAP to perform Post Implementation Review for the application integrity and access control management.

Do you have any experience about excessive access control in SAP R/3


Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Furl
  • Facebook
  • Google
  • Yahoo
  • Technorati
  • Icerocket

Trackback URL for this post:

http://www.securityprocedure.com/trackback/106

User login

Who's online

There are currently 0 users and 10 guests online.