cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Security On A New SAP Implementation

Former Member

on ‎01-20-2008 9:23 PM

0 Kudos

Hi Gurus,

I'm going to be part of a team that will be implementing SAP Security with a company that's implementing SAP. My experience has always just been on the maintenance and support and I was wondering security wise, what's involved during the implementation stage. What are the things to be done or considered when implementing SAP Security? Are there steps to be followed? What is the best strategy for implementing authorizations?

Thanks in advance for answering my questions and enlightening my junior mind.

JB

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎02-05-2008 7:43 PM
0 Kudos

Hi,

SAP Security implimentation process follows the Authorisation Methodology. In this we need to follow the phases which are

1._Requirement_ :In this Implimenting parttner team comunicates with end user and prepare the S.O.D. As per S.O.D implimenting partners prepare the _Role matrix ._

2._Analsys:_ as per role matrix based on rules and regulations consultants educate the end user.

3. *Implimentation* : As per role matrix Single role,composite rople,derive role will be Develop and securing table ,reports.transaction which are critical.

4. Quality check and test: developed roles are move to qulity system and testing will be done as per approval from the decision maker role are move to the production server.

5.Cutover: this roles are assigned to the users and system goes to live.

Underlined and bold words plesase cocentrate deep.

Thank you.

Show replies
Show replies
MichaelShea
Product and Topic Expert
Product and Topic Expert
‎01-21-2008 6:49 AM
0 Kudos

I am no expert, but some of the basic questions you can think about are:

  • Who needs access to which systems

  • What authorizations do they need in those systems

  • Who is going to maintain those authorizations and how are they going to do it

  • How are you going to authenticate your users

  • How are you going to protect your systems from malicious users, external and internal

  • How secure does each system need to be

-Michael

Show replies
Show replies
Ask a Question