Watch:
- Video about Table Security (slides)
- Video about Data Dictionary and other Development Security (slides)
- Video about Logs and Traces (slides)
Read the following in textbook Auditing and GRC Automation in SAP (AGAS) by Chuprunov, Maxim
- AGAS Chapter 6.4 (Security and Authorization Controls)
- AGAS Chapter 7 (General Application Controls in SAP ERP)
Review the lecture slides and notes for Table Security, Risk / Control Framework
Daily Discussion Questions
- What is segregation of duties and why is it a commonly used control? Give an example of two (e.g. IT) roles that should be segregated?
- All companies are dynamic entities with employees and others using systems coming and going all the time. What best practices have you experienced or would you recommend for managing system users and their related security access?