Where networking and knowledge intersect.
Find Resources & Connect with members on topics that interest you.
Please sign in to see your topics.
You can now respond to discussions by simply replying to the email alert. Just enable this feature in discussions on this topic. Learn more
Dear all,I have a practical question. In case of administrators having SAP_ALL in client 000 what a...
Temenuga @ 1/18/2012 9:45 AM | Comments (4)
I am auditing a new SAP Implementation. I need the transaction description to identify which are ...
emorro @ 8/16/2011 1:11 PM | Comments (2)
I am starting an audit to a new SAP implementation. I need some procedures for auditing SAP?Regar...
emorro @ 8/2/2011 3:53 PM | Comments (1)
I am trying to identify ways to make this forum more useful for the members. I will be happy to rec...
Barun @ 6/2/2011 3:22 AM | Comments (3)
I am trying to identify new trends in SAP security. The last one was the SOD wave which saw many co...
Barun @ 4/10/2011 8:45 PM | Comments (2)
My office is looking at options for documenting our audits, creating reports, etc. We are already f...
Richard Fowler @ 12/15/2010 9:50 AM | Comments (9)
Can we share our different experiences with implementing Role Based Access in SAP.I have observed d...
Yogesh Agarwal @ 12/13/2010 7:47 PM | Comments (6)
Hi,I am often queried by my clients on use of SAP Audit Information System (AIS). I have a few ques...
Barun @ 10/25/2010 4:49 AM | Comments (3)
sharing it audit /control expierence
Derek @ 10/22/2010 4:50 AM | Comments (0)
Does anyone have a good list of T-codes, infotypes, auth codes, etc. to review for and access contr...
LuAnn153 @ 10/13/2010 4:14 PM | Comments (3)
Hi,Does SAP maintain reference information for deleted master records. For example, if a vendor mas...
Barun @ 9/27/2010 5:54 AM | Comments (1)
Does SAP maintain reference information of a deleted master record? For example, if I delete vendo...
Barun @ 9/27/2010 5:52 AM | Comments (3)
Hi all,I'm looking for best security practices to follow to protect data privacy when moving (trans...
Claude-Bernard @ 9/9/2010 7:42 AM | Comments (1)
Hello group,Has anyone worked towards validating SAP R/3 for USFDA 21 CFR Part 11 compliance. If so...
Joseph Kiran101 @ 7/1/2010 9:16 AM | Comments (1)
Can anyone confirm for me the tables which contains the invoices that are posted against a purchase...
Chad Stowe @ 7/1/2010 8:32 AM | Comments (3)
Hi,DDIC account is needed in SAP system and it has not been replaced any other system account. If D...
Tony @ 3/14/2013 8:56 AM
Dear Colleague!Maybe you'll find the missing DDIC account in another client of your SAP system. It ...
Walter296 @ 3/14/2013 5:18 AM
Dear Benjamin638!Here's the link to the SAPGUI Scripting Security Guide (older version but with mor...
Walter296 @ 2/12/2013 9:22 AM
Auditing and QA for medium and small organizations
SamVarghese @ 1/31/2013 4:42 AM
We are evaluating the functionalities offered by SAP Audit Management compared to traditional off t...
Patrick904 @ 1/14/2013 1:39 AM
As for Tax Audit, SAP provides some standard Tax audit roles for auditors.As every country has it's...
Leon @ 12/18/2012 11:29 PM
There are some books in SAP Press, and ISACA too on SAP Security and Auditing. I remember there's a...
Leon @ 12/18/2012 11:27 PM
Hi everybodyDoes anyone have material on auditing SAP.I would be very grateful for any assistance.
Prince711 @ 12/11/2012 4:41 AM
Have you checked the AGR*-tables? See e.g. AGR_1251, AGR_1252 or AGR_USERS.Of course you need to de...
Tony @ 12/10/2012 7:53 AM
We can create a join table query through SQVI, and get the user list with authorization object and ...
DHIRAJ206 @ 12/10/2012 7:20 AM
http://www.sap.com/solutions/analytics/governance-risk-compliance/index.epx http://scn.sap.com/docs...
Sangram Dash @ 11/14/2012 8:53 PM
Interesting. More info would be appreciated. When I asked some SAP gurus about this before the answ...
Leon @ 11/14/2012 8:30 PM
Hi Norman Marks, I will appreciate if I can get the documentations. I will email you. Masika
Masyca @ 10/18/2012 10:42 AM
The key is to start with business risks and identify the related SOD conflicts that matter. Too oft...
Norman Marks @ 8/31/2012 12:47 PM
I think I have answered this, though may not be good enough, but I need to know if it's been delete...
Leon @ 8/30/2012 11:49 PM
Hi, this topic discussion relates to the sharing of best practices related to SAP segregation of du...
James024 @ 2/2/2012 5:44 AM | Comments (5)
Hi.I have been working for about three years in the definition of security policies for SAP (someth...
Carlos Beltran @ 2/2/2012 6:22 AM | Comments (5)
I would like to know how can I have a report that will give me the following: -roles...
Jean-Francois @ 5/28/2012 12:21 PM | Comments (3)
HelloI belong to a tax authority that is deploying the SAP-TRM (Tax Revenue Management) module of S...
pauld @ 11/16/2012 5:46 AM | Comments (3)
I have noticed that the DDIC account does not exist in my company's SAP ECC 6.0 installation. Does...
Rich.Ludwig @ 3/12/2013 9:08 AM | Comments (2)
Hi all, I just got an interesting question from a good friend of mine: who has "simple info&qu...
Marc Vael @ 2/8/2012 7:43 PM | Comments (2)
Has anyone developed any sort of continuous or automated approach to monitoring potential violation...
Jim495 @ 6/18/2010 2:54 PM | Comments (2)
You must be a logged in to start a discussion.