SAP- SECURITY
SAP Security/GRC Modules are Sub-Modules of SAP BASIS Module. Security Module deals with Permissions, Authorizations etc., aspects of System Admn., Functionality in an SAP Project. BASIS Consultants who are assigned with SECURITY responsibility in an SAP Project will learn “Exclusive SECURITY” Module focused mainly on SECURITY related Functions. As with BASIS Module, SECURITY Module can be learned by people from all Academic streams and become SECURITY Consultant.
Who Can Choose This Course:
|
Module |
Pre-Requisite |
With Qualification |
With Experience in:
|
|
Security |
Graduation |
B.Tech., |
System Admins, EDP Dept., professionals |
|
|
|
B.Sc (Comp.,) |
|
|
|
|
M.Sc (Comp.,) |
Course Content:
1) Introduction to ERP:
- Introduction to Enterprise Resource Planning
- Types of ERP’s
- Features of ERP
- SAP History and Modules of SAP
- Striking features of SAP
2) Architecture of SAP R/3:
- R/3 Basis Software
- Basics Architectural Groups
- SAP-System Central Interfaces
- SAP-Services with Dispatcher
- SAP R/3 Communication Protocols
3) Security Introduction:
- User Administration
- Role Management
- Authorization Issues
- Authorizations and Profiles
- Tables and Report Management
- SAP Security Audit Configuration
4) User Administration
- Classification of Users
- Types of Users and responsibilities
- User Administration (Single and Mass Users for Create \Delete \Copy \Lock \Unlock Password Resets \ Change)
- Maintain User Groups with SUGR
- User Company Maintenance (SUCOMP)
5) Role Management:
- Overview of Roles and Profiles
- Classification of Roles and naming Conventions
- Role Management with PFCG (Create \ Change \ Delete \ Copy \ Transport)
- Composite, Derived and Single roles
- Org. level concept in Derived Role
- Role Import and Export activities
- Role Re-conciliation (PFUD) and Mass role Generation (SUPC)
- Upgrade Tool for Profile Generator with SU25
6) Authorization Issues:
- Authorization Root cause Analysis
- Adding Missing Authorization Objects
- System Trace (ST01) and Missing Authorization issues with SU53
- Use of PFCG_TIME_DEPENDENCY
7) Authorizations and Profiles:
- Authorization Hierarchy
- Maintain Authorization Profiles and Authorizations with SU02, SU03
- Auth. Obj. Check under Transactions with SU24
- Upgrade Tool for Profile Generator with SU25
8) Table and Reports Management:
- Handling Weekly \ Monthly reports for User Information System with SUIM
- Handling SE16, SE16N reports
- Table level access restrictions with S_TABU_DIS
- Use of Users and Role Comparisons
- Analysis on Change Documents and Where Used list activities
- USR*, AGR*, USH* and Client Management Tables
- Evaluation Security Reports RSUSR002,RSUSR040, RSUSR003.
9) Audit requirements:
- Customer measurement with USMM
- User classification under Customer measurement
- Security Audit Configuration with SM19
- Analysis of Security Audit Log with SM20
- Online System Log Analysis with SM21
10) Overview of the SAP-HR, SAP-SRM SECURITY:
- Overview of SAP-HR, SRM Security
- Org. chart assignments in SRM Assignments
- Indirect assignment of standard HR Roles to Organizational Objects
11) Overview of the GRC:
- Overview of SOX-SOD
- Classification of SOX Rules
- Introduction to GRC AC 1