What is the basic control for SAP R3 auditing?


SAP R3 is one of the largest ERP (Enterprise Resource Planning) used in industry nowadays. SAP is very huge application compare to others ERP. SAP contains more than 30.000 table and tcode to maintain the integrity of transaction. However the basic control for SAP R3 could be summarized by these 5 basic control categories.

1. System Environment
This include client configuration, segregation of duties in the environment, company code configuration and all basic system environment configuration

2. User Configuration
SAP*, super user security and powerful profiles

3. Security configuration
Password Management Controls such as minimum password, password expiration, fails to session end, fails to user lock, gui auto logout

4. Basis Configurations    
System Development and Maintenance, Transport Management, Audit Logs

5. User Access Management & Authorization
Access to sensitive tcode transaction

Any suggestion?


Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Furl
  • Facebook
  • Google
  • Yahoo
  • Technorati
  • Icerocket

Trackback URL for this post:

http://www.securityprocedure.com/trackback/41

User login

Who's online

There are currently 0 users and 4 guests online.