Skip to Content
avatar image
Former Member

Project Team System Authorization Standards

hi

i am new guy to security. we are in prepare preparation phase(Technical requirements design) of the implementation project.

i want to prepare documentation for "authorisation standards for project team". and i have to define standards, policies for creating user master records for project team members

please kindly suggest me and provide some documentaion regarding authorisation standards, roles of project team.

thanks in advance

Ramesh

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Jan 28, 2008 at 12:38 PM

    Hello Ramesh,

    I find this a very strange request, particularly the part where you want documentation about the roles of the project team.

    How can we (here on the forum) even guess how the project team (at your project) is composed and what the various tasks are?

    Authorizations have to follow organizational requirements, not only in production but also in the project fase.

    These requirements are created based on tasks to be executed and risks to be taken into account. They differ per implementation.

    On the technical side of things, have a look at the standard SAP delivered single roles in your system. There must be some that'll fit part of your needs.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Dear Ramesh,

      I have been through same situation as you did. And If you search for my messages in SDN, you will see similar answers from members.

      I have done some work on this and to my basic knowledge, in project preperation phase, roles for consultants what transactions they are going to use/play around on sandbox client are not defined properly.

      Our Sr. sap technical consultant advised to basically copy SAP_ALL and restrict sensitve BASIS transactions and T000 table and get the signoff from project manager (very imp get sign off from Project Manager) and make sure you close crossclient customizing on sandbox client.

      let me know if you have any further questions.

      Regards,

      N

  • Jan 28, 2008 at 01:13 PM

    Hi Ramesh,

    Why not develop your own standards, policies and procedures. There is a wealth of information on this forum which covers the main areas. Another good source is Auditnet ( http://www.auditnet.org )

    If you have any queries on specifics then there are plenty on here who will be more than happy to answer those (e.g. why should we create project consultants as Dialog users). I for one would be more than happy to review any such documentation if you posted it on here, but don't see any value in posting up generic material as it will not reflect your project and/or organisation.

    Add comment
    10|10000 characters needed characters exceeded