SAP Security/GRC Modules are Sub-Modules of SAP BASIS Module. Security Module deals with Permissions, Authorizations etc., aspects of System Admn., Functionality in an SAP Project. BASIS Consultants who are assigned with SECURITY responsibility in an SAP Project will learn “Exclusive SECURITY” Module focused mainly on SECURITY related Functions. As with BASIS Module, SECURITY Module can be learned by people from all Academic streams and become SECURITY Consultant.

Eligibility for a course typically depends on the following:

  1. Prerequisites: Required prior courses or skills.
  2. Level of Study: Undergraduate, graduate, or continuing education.
  3. Program Requirements: Specific to your major or program.
  4. Open Enrollment: Available to all students as an elective.
  5. Special Permissions: Might need instructor or department approval.
  6. Availability: Limited seats may give priority to certain students.
  7. Location/Delivery: Online or specific campus availability.

Check the course catalog or consult with an academic advisor for specifics.


1) Introduction to ERP:
• Introduction to Enterprise Resource Planning
• Types of ERP’s
• Features of ERP
• SAP History and Modules of SAP
• Striking features of SAP
2) Architecture of SAP R/3:
• R/3 Basis Software
• Basics Architectural Groups
• SAP-System Central Interfaces
• SAP-Services with Dispatcher
• SAP R/3 Communication Protocols
3) Security Introduction:
• User Administration
• Role Management
• Authorization Issues
• Authorizations and Profiles
• Tables and Report Management
• SAP Security Audit Configuration
4) User Administration
• Classification of Users
• Types of Users and responsibilities
• User Administration (Single and Mass Users for Create \ Delete 
\ Copy \ Lock \ Unlock \ Password Resets \ Change)
• Maintain User Groups with SUGR
• User Company Maintenance (SUCOMP)
5) Role Management:
• Overview of Roles and Profiles
• Classification of Roles and naming Conventions
• Role Management with PFCG (Create \ Change \ Delete \ Copy \ Transport)
• Composite, Derived and Single roles
• Org. level concept in Derived Role
• Role Import and Export activities
• Role Re-conciliation (PFUD) and Mass role Generation (SUPC)
• Upgrade Tool for Profile Generator with SU25
6 )Authorization Issues:
• Authorization Root cause Analysis
• Adding Missing Authorization Objects
• System Trace (ST01) and Missing Authorization issues with SU53
7) Authorizations and Profiles:
• Authorization Hierarchy
• Maintain Authorization Profiles and Authorizations with SU02,  
• Auth. Obj. Check under Transactions with SU24
• Upgrade Tool for Profile Generator with SU25
8) Table and Reports Management:
• Handling Weekly \ Monthly reports for User Information   
           System with SUIM
• Handling SE16, SE16N reports
• Table level access restrictions with S_TABU_DIS
• Use of Users and Role Comparisons
• Analysis on Change Documents and Where Used list activities
• USR*, AGR*, USH* and Client Management Tables
• Evaluation Security Reports RSUSR002,RSUSR040, RSUSR003.
9) Audit requirements:
• Customer measurement with USMM
• User classification under Customer measurement
• Security Audit Configuration with SM19
• Analysis of Security Audit Log with SM20
• Online System Log Analysis with SM21
10) Overview of the SAP-HR, SAP-SRM SECURITY:

• Overview of SAP-HR, SRM Security
• Org. chart assignments in SRM Assignments
• Indirect assignment of standard HR Roles to Organizational Objects

11) Overview of the GRC:
• Overview of SOX-SOD
• Classification of SOX Rules
• Introduction to GRC AC 10

Scroll to Top
× How can I help you?