This post is part 2 of our discussion on SAP Security Audit Guidelines. Previously, we discussed some of the important points that need to be followed for SAP Security Audit Guidelines. We continue in this part and try to cover as many important points as possible.
List of some common tables for which table logging should be enabled:

| Table | Description |
|---|---|
| T000 | List of clients |
| T001 | Company Codes |
| TSTC | Definition of tcodes |
| TOBJ | Definition of Authorization objects |
| TACTZ | Valid activities |
| TSTCP | Parameters for Transactions |
| TPGP | Authorization Groups for Programs |
| TBRG | Authorization Groups for Tables |
| TDDAT | Table to Authorization group mapping |
| TNRO | Definition of number range objects |
| TSTCA | Values for Transaction code authorizations |

Critical Transaction Codes in Production:

| Transaction Code | Description | Assignment Status in Production |
|---|---|---|
| SU01 | Create User | Security Team |
| SU10 | Mass User creation | Security Team |
| PFCG | Role Maintenance | Display only version to Security Team |
| ST01 | System Trace | Basis/Security Team |
| SM19 | Security Audit Configuration | Basis/Security Team |
| SM20 | Analysis of Security Audit Log | Basis/Security Team |
| SM18 | Reorganize Security Audit Log | Basis Team |
| EWZ5 | Lock Users | Security Team |
| RZ10 | Maintain Profile Parameters | Basis Team |
| SM12 | Display and Delete Locks | Basis Team |
| SM04 | User List | Basis Team |
| SM59 | RFC Destinations (Display/Maintain) | Basis Team |
| SA38 | ABAP Reporting | Super User Role |
| SP01 | Output Controller | Basis Team |
| SECATT | Extended Computer Aided Test Tool | Super User Role |
| SCC4 | Client Administration | Locked |
| SE09 / SE10 | Transport Organizer | Locked |
| SM49 | Execute external OS commands | Locked |
| SM69 | Maintain External OS Commands | Locked |
| SHD0 | Transaction and Screen Variants | Locked |
| SE38 | ABAP Editor | Locked |
| SE93 | Maintain Transaction Codes | Locked |