Skip to Content
Former Member
Sep 09, 2010 at 09:52 AM

Security Audit - Tracking Program-Code Changes


Dear all.

I encountered difficulties with the following issues.

Appreciate any help that can be offered.

Thanks in advance.

Our security policy requires that we be able to justify all program code changes.

For changes implemented by Transport Requests (TR), we are already able to trace back to our Change Requests (CR).

So my next step is to identify program changes/creations that were done directly in our production client.

I have tried to look into table REPOSRC for this objective.

Although results from the table entries look promising, I am puzzled by the field RMAND.

We thought the field to contain the client number in which the program was changed/created.

However, we started to notice some numbers which is not known to be our client.

I checked SCC4 and confirmed we do not have those 'unidentified' clients.

I have also changed the change log for the clients-table and there were no changes associated with the 'unidentified clients'

And one more thing, there were some entries where RMAND field is blank.

Does anyone have advice on this RMAND field ?

I understand that for certain SAP Notes, changes to program codes may be implemented directly in production client.

In such scenarios, does anyone have advice how changes can be traced back to the cause ?

I also noticed some programs that go by the following name.


Does anyone know what this is and how it comes about ?

Thank you very much.