Skip to Content
author's profile photo Former Member
Former Member

Security Blueprint doc

Hello,

1.Do we have document / template for SAP security blueprint?

2. What is meaning of AS-IS processes, with respect to security?

3.How do we go about documenting To-Be processes, with respect to security?

Thanks in advance.

VJ

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Posted on Sep 19, 2008 at 06:36 AM

    Hi

    1. Yes thankyou

    2. As-Is means the current procesess. Your question can be interpreted in 2 ways.

    i. your security design supports the business processes, e.g. transactions & restrictions used and allocation of those to users so they can run those business processes.

    ii. Your current security processes e.g. your user & role creation process etc

    3. The functional team will document the to-be processes. They (and you) can use these processes to identify inscope transactions, important restrictions (e.g. new doctypes being used) and creation of roles. There are lots of ways of documenting it, at the minimum you want to capture the new tx to role mapping, important restrictions per business process or functional area & to-be organisational structure.

    Add a comment
    10|10000 characters needed characters exceeded

    • >

      > >alex

      > >1. Yes thankyou

      >

      > If you are talking of ASAP doc then I am sorry to say the ASAP security plan is very complex to follow and doc are not comprehensive.

      > There is nothing as in blue print. Requirements gathering and Testing of role (its and documentation) is not properly explained.

      I am not referring to ASAP, though from a security perspective, in my experience, ASAP is fine to follow & use if you spend the time required to get used to it.

      I have seen many, many security blueprints which would benefit from using the various ASAP elements, despite it's weak points.

  • author's profile photo Former Member
    Former Member
    Posted on Sep 19, 2008 at 12:25 PM

    Hello Alex,

    Thank you for answers.

    Is there any place i can get a sample of document / template of security blueprint.

    Thanks,

    Vijay

    Add a comment
    10|10000 characters needed characters exceeded

    • > I can't think of anywhere where blueprint docs are available. Blueprint docs usually take quite a while to put together & there is obvious reluctance of people to make available work which likely remains the property of their company/client.

      Very well put Alex! Julius, Maybe a small text like this one could enter the sticky?

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.