Career Corner Discussions
Join the conversation in the Career Corner group to ask career-related questions, find approaches to building skills, and seek career advancements.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Scope in SAP - Security

Former Member

‎2011 Aug 17 7:02 AM

0 Kudos
904

Hi,

greetings...................

I am mainly on to SAP-ABAP and CRM.......

I got an opportunity to work on SAP-Security...

How good is SAP-Security...

What is the Scope in it....???

please help i'm in dilemma.....

thank you

regards

5 REPLIES 5

Former Member

‎2011 Aug 17 11:23 AM

0 Kudos
273

Are you interested in risk and controls?

Are you committed to learning business processes?

Are you curious about understanding the different ways of accessing and therefore protecting data?

If the answer is yet to all of those then security is very good. If you do it properly it is crosses technical and functional boundaries and has scope that extends out of technical configuration into processes, controls, policies, procedures etc. As you can see, the scope is wide and as the SAP infrastructure grows the opportunities grow with it.

If, on the other hand you just want to create users and roles based on spreadsheets provided by someone else then the future is not too rosy...

Former Member
In response to Former Member

‎2011 Aug 17 8:57 PM

0 Kudos
273

Bravo! - captured everything very nicely

Regards

David

Former Member
In response to Former Member

‎2011 Nov 10 5:43 AM

0 Kudos
273

Thank You...

Former Member

‎2012 Mar 14 6:59 AM

0 Kudos
273

Hello Rohan,

Lets Clear the confusion,

SAP Is a sensitive and critical system,SAP is an ERP and business application system,

Any security vulnerability may result in financial loss, business disruption,misstatement of financial information etc..Unlike infrastructure security vulnerability, SAP Security vulnerability may directly impact the business.

The security controls in SAP are:1. Business Process Control

2. Authorization Control 3.Basis Control, 4. Segregation of Duties

Bellow is the list of activities performed in SAP Security:

1. Security Administration

  • Determine how security administration is organized

  2. Help Desk

  • Determine if the help desk is effective

· Records incidents reports

3. Determine if proper system monitoring is performed

4. Determine if training is properly administrated

5. Determine if key system interfaces are properly controlled.

6. Obtain a list of all system users

7. Obtain a list of custom transactions

ABAP programs

Review ABAP programs to ensure that all system function calls are authorized.  System function calls allow are Unix commands that are passed to the operating system to perform a task at the operating system level such as using Oracle SQL commands to query the database during the execution of an ABAP program.

Hope now you can decide...

Regards

SarjitSagar

Former Member

‎2014 Apr 17 4:35 PM

0 Kudos
273

Hi Rohan,

Iam currently started working in SAP Security, initially I was AS400 developer(Legacy Systems).

In my view point, SAP Security, Security means it involves many things.

User Admin & Role Admin :

In this creation of Users, Roles, modifications etc.

Roll Outs :

Understanding the business process & building roles accordingly & implementing them in SAP.

Reporting:

1 -  SAP System Audit reports.

2 - CCA(Critical Combination Authorisation) reports.

3 - Mitigation Controls.

4- Risk Analysis.

5- SAP License management

So, as a whole it deals mainly with the Administration & Controlling areas.

Hope it helped you in understanding something regarding SAP Security.

Thanks,

harish