cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Question for Security management support by RISE with SAP Private Cloud Edition?

eakapong
Explorer

on ‎2024 Feb 02 6:17 AM

0 Kudos
555

Dear Sir,

Does anyone know the Security management items below are supported by RISE with SAP Private Cloud Edition?

For DII - Data Integration and Interoperability:

DII Techniques

  • Data Integration Specifications - Must  provide Data Integration Specifications.
  • Verification - Must review and maintain inventory of the data integration periodically
  • Data Integration Availability - Must specify availability of the data integration such as service intervals, frequency of use, and etc.
  • Data Classification - Must identify Personally Identifiable Information(PII)  data for data integration.

DII Security

  • Data Integrity Checking - Must provide Data Integrity Checking.
  • Network Encryption - Must provide  Network Encryption as end-to-end integration.

DQM - Data Quality

  • Data Quality Management - Must provide Data/Metadata Quality Management Lifecycle align as follows
    • Data Quality Requirement
    • Data Monitoring
    • Data Correction
    • Data Quality Assessment
  • Data Correction Channel - Must provide channel to correct data.
  • Data Quality Report - Must provide Data/Metadata Quality Report(s) according to period as user required.
  • Data Defect Resolution Log - Must provide Defect Resolution Log.
  • Data Quality Log - Must provide Data Quality Issues Log.
  • Metadata Quality Management
    • Must control the Quality of Metadata/Data Structure or any method that controls data to be  accurate and complete 100%.
    • Must be able to check the Quality of Metadata according to period or any changed as user required.

For Solution and Architecture; Does RISE with SAP comply with this requirement?

Servers and workstations must be installed applicable security patches regularly, including the operating system patch, the server software patch and the related application software patch.

- Install applicable security patches within appropriate period based on security level (refer to CVSS score v.3.0 from National Vulnerability Database)

  • For critical Level, must be installed security patch within 1 month
  • For high / medium / low Level must be installed security patch within 2-3 months

For User Management and administration;

  1. Support Privileged access management system using CyberArk

For Logging;

  1. Can the system store events of administrative Functions, such as changing security-related settings?
  2. Is the software compatible with antivirus (Trend Micro)?

Thank you very much for your help in advance.

Best Regards,

Eakapong

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (0)

Ask a Question