We are implementing MII in our organization, now we are doubtful who should be handling the MII Security. There is SAP security team who handles ECC SAP security and the MII administrator who would he handling all the MII related tasks. Now we are doubtful whom should be given a responsiblity of MII security, either to MII Administrator or to SAP Security team.
We also found that is no standard SAP roles for performing MII Security duties. There are XMII_Developer, XMII_User and XMII_Addministrators roles but not specific to security. So does htis mean we have to customize XMII_Administrator role to restict it for secuity purpose. Or this responsibility should lie with the MII Administrator itself.
Please let us know the standard process and process followed in other companies.