Skip to Content
avatar image
Former Member

SAP HelpDesk - Should they have access to priv t-codes such as PFCG, SU01? (Audit perspective)

Under what circumstances can SAP Helpdesk users have access to PFCG and S_USER_SAS for update activity codes? What about SU01 and S_USER_SAS? Can this pose a security risk? I am new to SAP auditing and trying to understand the basics of what helpdesk users should and should not have access to. Thanks in advance!

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Jan 03, 2015 at 12:44 PM

    Hi AG

    Do you have a general auditing background or security background? Your questions is a mixture of basic trainining security

    You can answer this question yourself if you take the time to read up on what the authorisation object is used for and also find out what the support structure for your system is (that is, are the people with the access responsible for the administration activities that require that access)

    Also, in determining risk it isn't always about the object but the actual values of the authorisation. Display activity for example would be quite different to creation or modification.

    Regards

    Colleen

    Add comment
    10|10000 characters needed characters exceeded