Solved: Re: security

Former Member · ‎2007 Mar 19

hey,

in all the business scenarios there r DEV,QA,PRD.can som1 kindly explain what is actually happening in these systems n the role of sap security guy in all these three?

Former Member · ‎2007 Mar 19

hi Kamal,

Just read this nice explanation on SAP help..

http://help.sap.com/saphelp_nw04/helpdata/en/63/a30a4ac00811d2851c0000e8a57770/content.htm

It shdould help u in getting the over view...

Ping back to us in case of questions...

VBr,

Sri

Award points for helpful answers

Former Member · ‎2007 Mar 19

hi Kamal,

Just read this nice explanation on SAP help..

http://help.sap.com/saphelp_nw04/helpdata/en/63/a30a4ac00811d2851c0000e8a57770/content.htm

It shdould help u in getting the over view...

Ping back to us in case of questions...

VBr,

Sri

Award points for helpful answers

Former Member · ‎2007 Mar 19

Kamal,

High level overview:

In SAP most work is done in development then transported to QA for testing. Once testing passes it is moved into PRD.

DEV

Used for development and configuration. The security person needs to insure only approved developers and configurers have change access. In addition modifications requiring transport should go through a change control process.

QA

Used For testing. Should resemble production as much as possible in order to produce accurate testing. Direct access to development and config should be restricted in this instance (generally speaking).

PRD

End users have transaction access and administrators should be limited.

Cheers,

Ben

Former Member · ‎2007 Mar 19

A security guy, handles on a number of times the Authorizations and related issues in these systems....

Ideally he makes the changes in DEV systems, moves them to QTY for the tests and once the Tests are successull, the transports would be moved ot PRD.

In a nut shell, thats how every change mkoves across in trhe SAP system.,

Hope it helps...

VBr,

Sri

Award poiints for helpful answers

Former Member · ‎2007 Mar 20

hi,

dev ,qa prd are the three diff clients in sap system,rite?so in dev ,customizing refers to the functional guy ,developers according to the business need they edit sap.then these changes are transported to qa.wat is the actuall purpose of qa?it just checks whethr the transport is done r any missing links?so the role of sap security in dev is to restrict developers and functional guys and exclusively creates role for devlopers etc not for the end users?

In prd again the security guy creates the role according to the business needs inorder to assign to end user? pls let me b clear....

Former Member · ‎2007 Mar 20

hi kamal,

The securoty guy does not develop any thing for business in PRD. the same is developed in DEV system only and tested in QTY by a few people who don the cap of a End user... so the security guy has to take care of both the consultant roles and buisness users roles...

also in QTY integration testing etc... once a developer developes a programm, module or a user exit, we test that development in DEV system as a unit...

so its called unit testing... and once we move it to QTY, it is tested on a different angle, like does this change affect any other module, does it have a impacxt on any other working programm etc etc... once all the checks are made and if it has got a satisfactory perfromance then only the new program, new tcode or whatever be it is moved to production...

The same procedure is even followed while applying SAP Notes to the systems..

Hope it is clear now..

VBr,

Sri

Award points for helpful answers

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

security