The Security Audit Log (SAL) is one of the most important elements when it comes to security in your SAP landscape. With SAL critical and security relevant activities in SAP systems can be recorded and evaluated. The settings in SAL are relevant for secure continuous operation.
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
To use all the features of the SAP Patch Manager, you need the following permissions: S_TRANSPRT S_CTS_ADMIN Both are in the S_A.SYSTEM permission profile. If you log in to the Mandant 000 and your user base contains the appropriate permission profile, then you can use all the features of the SAP Patch Manager. When you log in to another client or without the appropriate user profile, you can only use the display functions. Map this permission profile to the system administrator only. Only the system administrator should have permission to perform the following actions: Support Packages Download Support Packages Play Support Packages Confirm Successfully Recorded Support Packages Reset Support Package Status Support Packages eliminate errors in the SAP system or make necessary adjustments due to legal changes, for example. The affected objects will be replaced in your system. Each Support Package is valid for one release level (but for all databases and operating systems) and requires a precisely defined number of predecessors. The upgrade from the following release or revision level contains all support packages from the previous booths that were available until the upgrade was delivered. SPAM ensures that support packages are only played in the order specified. To avoid problems, play all support packages as they are deployed. This allows you to keep your system up to date.
The definition, organisational structure as well as the naming of the SAP basis is historically conditioned by previous SAP software versions and components. This also results in the perception of the SAP basis and the related focus of the SAP NetWeaver and the ABAP system core, which is still widely used today. However, the scope of activities has changed significantly in terms of tasks and technology and will continue to change in view of SAP's perspective and product strategy and the changing roles of IT. In order to accommodate this change and to change perceptions both in the overall context of the SAP ecosystem and within its own company, the SAP basis must develop a new self-understanding and establish a marketing for the publication of its own performance. The underlying information can be found in the master thesis in chapters 7.4 and 9.2.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
Thanks to the many different modules, such as "Finance" and "Human Capital Management", as well as the wide range of customization options, a broad field of professions and possible areas of focus has opened up here in almost 50 years.
Prerequisites You have successfully imported one or more Support Packages.