Skip to Content
Oct 13 at 10:35 PM

SE38/SE80 Access in Production


I pointed out to a client that access to SE38 and SE80 access in production is not best practices. They asked me if there is an SAP document from SAP suggesting that this is an audit risk.

Does anyone who has worked in Security know of any documents or WIKI's that describe the risks of granting SE38 and/or SE80 directly in production?

I have told them that you can't limit the access to execute programs individually and that we can add the programs that they do need to run to a menu, but users are giving pushback and any documention and/or opinions would be appreciated.