SAP Security Career Growth
Hi Gurus,
Could u please provide Sap Security Consultant Career Growth
I would suggest that a good start would be not asking for points on the security forum if you wish to be taken seriously.
You should also aim to develop the following:
- Good understanding of SAP Authorisation Concept (lots of people don't get the basics right)
- Have an overview of the main business processes
- Understand risk management from a business and a technical perspective (understand not just the how, but the why's of security)
- Appreciation of SAP Audit. If you don't understand what they are looking for then how can you start to secure your system.
You can also look at SAP courses ADM940, ADM950, ADM960
Hope that helps
Similar Messages
-
Career growth in SAP Security.
Hi,
I have done MCA.I joined MNC as a fresher. Then I got training on SAP ABAP. But I am alloted to a project and working on SOX compliance in application security (for SAP system) i.e. monitoring and internal auditing. Here I have exposer to diffrent IT application security control, GRC, etc.
Now I am really confused with my future growth. At this stage of my start of career I am not able to decide whether I should switch to SAP security or be with SAP ABAP once I rolled off from this project.
Will you please guide me for choosing the best career path? and future growth in SAP security?Hai
Try to Work on what u got ,after 2 Years there is a huge recruitment for SAP Supporti n BI.
There is a lot of Benifits in BI Compared to any other module .Since it is technofunctional module(Very Good in Market)
Assign Points if it is Useful
Thank u
Naveen -
Hi All,
Can anyone tell me, what are all the SAP Basis career path options available in future for a Basis/NetWeaver Administrator?
Regards,
RajkumarHello Rajkumar Bhumij
There are n number of skills you can focuses inside sap basis, listing a few important ones
1)Sap abap and java adminstration
2)sap solution manager skills
3)sap security
4)sap database adminstration
5)unix linux and operating systems skills can add very well for your career growth in sap basis.
Also have a look at new things like sap hana(High Performance Analytic appliance) and cloud computing skills so that for life time you can stand in the same domain.Go ahead .
all the best
alen -
Hello,
My name is Vijay and I am from Denver, CO. I will be graduating with a Master's degree in Information Systems next month from Colorado State University. I have got a job as a ITPA Associate with a big four firm. My job description reads
1. Assisting clients in matters of Data Assurance, ERP Controls, IT Risk and Security Assurance,Data Protection and Privacy, Project Assurance, and Advanced Risk and Compliance Analytics
2. Providing ERP controls services to help audit and non-audit clients address risk and control needs around ERP systems
3. Assessing, recommending, designing and configuring controls as they relate to businessprocesses, ERP application security, and Governance, Risk and Compliance (GRC)".
4.Designing and assessing control related services around major ERP systems; and
5.Translating business requirements to efficient and integrated ERP control frameworks.
I am very new to SAP GRC. Can you please guide me through how to form a career path in SAP GRC?
Thanks,
VijayHi Vijay,
SAP GRC is good career path however you start your career basically as a sap security junior associate and finally lands up in the jobs like:
SAP Security and Controls Consultant
Senior SAP Security and Controls Consultant
SAP Security and Controls Administrator
SAP Security & GRC Consultant
SAP GRC Manager
SAP Process Controls Experts
SAP Advisory Manager - IT Risk Transformation etc.
Thanks & Regards
Subhasish -
SAP XI and SAP Security...
Hi Friends..
Iam an ABAP Developer in U.S. and planning to change my field into either SAP XI or SAP Security...
Can you please suggest me depending on the current market which field is better to choose and which one is in demand and has good pay..
I appreciate your proper guidance for the change of my career..
Thanks,Kanthi,
SAP XI seems to be doing pretty well and should be able to find something eventually. That is not to say that SAP Security in not a good choice, but jumping into SAP Security would be a totally new concept (unless you have already been exposed to that area as part of your ABAP experience) -
Looking for SAP security certification - Please guide me !!!
Hello,
This is Harsha from Bangalore, India.
I am currently working as a system administrator with CISCO System, Bangalore with an overall experience of 5 years.
I am interested in taking the SAP security model. Please assist me regarding the same with guidance to a proper career path.Thats a very generic and vague question.
But to sart with, get trained in SAP Security. You might even go for Certification if you have the time and money for that. And then just float your Resume.
pk -
Where is com/sap/security/core/server/secstorefs/SecStoreFS?
Hi,
I am trying to create a Java client in NWDS that retrieves a DataSource object via JNDI from my XI 3.0 system.
I have added the jars I could think of (connector.jar, jta.jar, sapj2eeclient.jar, sapopensta.jar, etc.) to my build path.
When I attempt to retrieve the DataSource object via my Context I get the following exception:
java.lang.NoClassDefFoundError: com/sap/security/core/server/secstorefs/SecStoreFS
at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:113)
at com.sap.engine.services.dbpool.spi.DefaultConnectionManagerImpl.allocateConnection(DefaultConnectionManagerImpl.java:26)
at com.sap.engine.services.dbpool.cci.ConnectionFactoryImpl.getConnection(ConnectionFactoryImpl.java:51)
at com.hclaxon.xi.tools.CommsChannelConfigurator.createDBConnection(CommsChannelConfigurator.java:382)
at com.hclaxon.xi.tools.CommsChannelConfigurator.run(CommsChannelConfigurator.java:425)
at com.hclaxon.xi.tools.CommsChannelConfigurator.main(CommsChannelConfigurator.java:465)
Exception in thread "main"
Could someone please tell me which jar contains the class mentioned above?
thanks
BrianHi all,
Update to original question. I realised I was using a newer version of the openSQL api, so changed that.
Now I get a different execption:
java.lang.NoClassDefFoundError: com/sap/security/core/server/secstorefs/SecStoreFSException
at java.lang.Class.getDeclaredConstructors0(Native Method)
at java.lang.Class.privateGetDeclaredConstructors(Class.java:1618)
at java.lang.Class.getConstructor0(Class.java:1930)
at java.lang.Class.newInstance0(Class.java:278)
at java.lang.Class.newInstance(Class.java:261)
at com.sap.sql.connect.OpenSQLDataSource.newInstance(OpenSQLDataSource.java:148)
at com.sap.sql.connect.OpenSQLDataSource.newInstance(OpenSQLDataSource.java:133)
at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:102)
at com.sap.engine.services.dbpool.spi.DefaultConnectionManagerImpl.allocateConnection(DefaultConnectionManagerImpl.java:26)
at com.sap.engine.services.dbpool.cci.ConnectionFactoryImpl.getConnection(ConnectionFactoryImpl.java:51)
Can anyone tell me where this class is?
thanks
Brian -
Hi,
I have configured SNC on NetWeaver 7.0 (ABAP+JAVA) System on Windows 2003 Server with MS-SQL 2005 Database.
After the SNC configuration restarted the Server but the JAVA Server process is going down with EXIT Code -11113. The SNC Configuration is working fine but JAVA is not running. SDM and dispatcher are in green but server process is going gray.
I have checked the log files under C:\usr\sap\SID\DVEBMGS00\j2ee\cluster\server0\log
The following is the part of log file.
#1.5#005056BA6C3F001D0000000F000008D8000489ACAFC86070#1277274683393#com.sap.engine.core.service630.container.ServiceRunner##com.sap.engine.core.service630.container.ServiceRunner#######SAPEngine_System_Thread[impl:5]_71##0#0#Error#1#/System/Server#Java###Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
[EXCEPTION]
#1#com.sap.engine.frame.ServiceException: <Localization failed: ResourceBundle='com.sap.engine.frame.KernelResourceBundle', ID='UME initialization failed.', Arguments: []> : Can't find resource for bundle java.util.PropertyResourceBundle, key UME initialization failed.
at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:372)
at com.sap.engine.frame.ApplicationFrameAdaptor.start(ApplicationFrameAdaptor.java:31)
at com.sap.engine.core.service630.container.ServiceRunner.startApplicationServiceFrame(ServiceRunner.java:214)
at com.sap.engine.core.service630.container.ServiceRunner.run(ServiceRunner.java:144)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl5.SingleThread.execute(SingleThread.java:79)
at com.sap.engine.core.thread.impl5.SingleThread.run(SingleThread.java:105)
Caused by: com.sap.security.core.persistence.datasource.PersistenceException: SNC required for this connection
at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.newPersistenceException(R3PersistenceBase.java:178)
at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.init(R3PersistenceBase.java:446)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.<init>(PrincipalDatabagFactoryInstance.java:356)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.newInstance(PrincipalDatabagFactory.java:156)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:109)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:56)
at com.sap.security.core.InternalUMFactory.initializeUME(InternalUMFactory.java:266)
at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:279)
... 6 more
#1.5#005056BA6C3F001D00000011000008D8000489ACAFC8628E#1277274683393#com.sap.engine.core.Framework##com.sap.engine.core.Framework#######SAPEngine_System_Thread[impl:5]_71##0#0#Fatal#1#/System/Server#Plain###Critical shutdown was invoked. Reason is: Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.#
Please help me to solve the issue.
Thanks,
Ajay.Hi Tim,
I have configured using Kerberos library for 32 bit on Net Weaver 7.0 with MS SQL 2005 Server on Windows 2003 Server. I didnt change any thing on JAVA side. I have configured as per the Kerberos configuration steps as per below URL
http://help.sap.com/saphelp_nw70ehp2/helpdata/en/44/0ebf6c9b2b0d1ae10000000a114a6b/frameset.htm
The configuration was successful and I am able to login with out asking password, but After the configuration when I have restarted every thing on ABAP side works well but JAVA server process going down with EXIT code -11113. One of the log file contains follows error message.
com.sap.engine.frame.ServiceException: <Localization failed: ResourceBundle='com.sap.engine.frame.KernelResourceBundle', ID='UME initialization failed.', Arguments: []> : Can't find resource for bundle java.util.PropertyResourceBundle, key UME initialization failed.
at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:372)
at com.sap.engine.frame.ApplicationFrameAdaptor.start(ApplicationFrameAdaptor.java:31)
at com.sap.engine.core.service630.container.ServiceRunner.startApplicationServiceFrame(ServiceRunner.java:214)
at com.sap.engine.core.service630.container.ServiceRunner.run(ServiceRunner.java:144)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl5.SingleThread.execute(SingleThread.java:79)
at com.sap.engine.core.thread.impl5.SingleThread.run(SingleThread.java:105)
Caused by: com.sap.security.core.persistence.datasource.PersistenceException: SNC required for this connection
at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.newPersistenceException(R3PersistenceBase.java:178)
at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.init(R3PersistenceBase.java:446)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.<init>(PrincipalDatabagFactoryInstance.java:356)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.newInstance(PrincipalDatabagFactory.java:156)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:109)
at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:56)
at com.sap.security.core.InternalUMFactory.initializeUME(InternalUMFactory.java:266)
at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:279)
... 6 more
[Framework -> criticalShutdown] Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
Jun 25, 2010 3:05:24 AM com.sap.engine.core.Framework [SAPEngine_System_Thread[impl:5]_69] Fatal: Critical shutdown was invoked. Reason is: Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
One of the line says "SNC required for this connection". What does this mean? What else need to be done for JAVA to communicate with ABAP?
Thanks,
Ajay. -
Com/sap/security/core/server/secstorefs/SecStoreFS?
Hi,
I am trying to create a Java client in NWDS that retrieves a DataSource object via JNDI from my XI 3.0 system.
I have added the jars I could think of (connector.jar, jta.jar, sapj2eeclient.jar, sapopensta.jar, etc.) to my build path.
When I attempt to retrieve the DataSource object via my Context I get the following exception:
java.lang.NoClassDefFoundError: com/sap/security/core/server/secstorefs/SecStoreFS
at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:113)
at com.sap.engine.services.dbpool.spi.DefaultConnectionManagerImpl.allocateConnection(DefaultConnectionManagerImpl.java:26)
at com.sap.engine.services.dbpool.cci.ConnectionFactoryImpl.getConnection(ConnectionFactoryImpl.java:51)
at com.hclaxon.xi.tools.CommsChannelConfigurator.createDBConnection(CommsChannelConfigurator.java:382)
at com.hclaxon.xi.tools.CommsChannelConfigurator.run(CommsChannelConfigurator.java:425)
at com.hclaxon.xi.tools.CommsChannelConfigurator.main(CommsChannelConfigurator.java:465)
Exception in thread "main"
Could someone please tell me which jar contains the class mentioned above?
thanksHi,
Please try this, it may usefull for u.
tc_sec_secstorefs.jar in SDM\root\origin\sap.com\tc\sec\secstorefs\tc_sec_secstorefs.sda
Thanks & Regards,
Ravi. -
Com.sap.security.core.server.secstorefs.WrongKeyException
Hi,
we have done a system copy,while starting the java stack we are getting the below error.
Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: The encryption key (usually in the key file) is not the key that is required to decrypt the data in the secure store file or the system name (SID) is wrong..
at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112)
... 15 more
Caused by: com.sap.security.core.server.secstorefs.WrongKeyException: The encryption key (usually in the key file) is not the key that is required to decrypt the data in the secure store file or the system name (SID) is wrong.
at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:2017)
at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
... 17 more
Caused by: com.sap.security.core.server.secstorefs.InvalidStateException: Internal error during the decryption process.
at com.sap.security.core.server.secstorefs.Crypt.decrypt(Crypt.java:850)
at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1985)
... 20 more
Caused by: javax.crypto.BadPaddingException: Invalid PKCS\#5 padding length: 30
at iaik.security.cipher.s.b(Unknown Source)
at iaik.security.cipher.w.a(Unknown Source)
at iaik.security.cipher.w.engineDoFinal(Unknown Source)
at javax.crypto.Cipher.doFinal(Unknown Source)
at com.sap.security.core.server.secstorefs.Crypt.decrypt(Crypt.java:825)
... 21 more
#1.#000255334607000000000015000640DE00046E8629009A5B#1247422399420#com.sap.engine.core.Framework##com.sap.engine.core.Framework#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server#Plain###Loading: ConfigurationManager returned false! #
#1.#000255334607000000000017000640DE00046E8629009BC2#1247422399421#com.sap.engine.core.Framework##com.sap.engine.core.Framework#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server#Plain###Kernel not loaded. System halted.#
#1.#00025533460700000000001A000640DE00046E862908A703#1247422399948#com.sap.engine.core.thread.impl5.ThreadManagerImpl##com.sap.engine.core.thread.impl5.ThreadManagerImpl#######Thread[Thread-1,5,main]##0#0#Error##Plain###Unexpected thread activity after interrupt() is executed in shutdown of SAPEngine_System_Thread[impl:5]_ThreadManager:
Thread[SAPEngine_System_Thread[impl:5]_2]
Task: com.sap.engine.core.thread.impl5.ActionObject - Processing Task [classname: com.sap.engine.core.cluster.impl6.JoinPortListener | toString: com.sap.engine.core.cluster.impl6.JoinPortListener@252e252e] with classloader [com.sap.engine.boot.CoreClassLoader@21d821d8]#
Regards,
SamHi,
Check with this note,
Note 791574 -
Also
Secure Storage for Application Specific Data
Applications or application components, deployed on the J2EE Engine, can save sensitive data
in encrypted form in a secure storage area in the J2EE Engineu2019s configuration database. The
data saved in this area is encrypted using a secret key that is created explicitly for the application
or service. The J2EE Engine uses the triple DES algorithm to perform the encryption.
You can use two approaches for storing and maintaining the encrypted data for the individual
applications or application components:
u2022 Centralized storage
With centralized storage, applications or application components use the Secure Storage
service on the J2EE Engine to encrypt and decrypt the data. This data is also stored in the
corresponding secure storage context on the J2EE Engine. You can control the
parameters of this secure storage area from the properties of the Configuration Manager.
For more information
u2022 Decentralized storage
With decentralized storage, the applications and application component maintain their own
storage area for the encrypted data. They only uses the Secure Storage service on the
J2EE Engine to retrieve the key, which is necessary to encrypt and decrypt the data.
Regards,
Ravi -
What are the Essentials for a Sap Security Consultant.
Hi Gurus,
I have completed a Implementation in which I alone handled the entire Security . It is a defense client .
Now I am technically expert at security. But I have no functional knowledge.
Implementing Security in SAP one needs to have knowledge of funtional process as well. The course that are purely technical stuff and I have good idea of techincal stuff.
The Question is what is a Sap Security Consultant expected to know . And how to go about acquiring that knowledge?Hi Hussain,
There is a little bit of release-dependent-everything in this thread: Authorization for VAP2 in conflict with VD02 for F_KNA1_GRP
Try solve it and you will understand that you need the requirements (without that you are anyway doomed) and the knowledge and the appropriate access to create / test it.
BAPI's are remote enabled stable interfaces to SAP standard functionality. They are the best examples of combining functional, technical and standard skills in a sustainable way without creating a mess (a mess, way beyond the bounds of your concerns...).
If you learn to use the available tools and information sources, then you dont need to stress about the essentials, even if your customer makes a design error before or after your advice.
Cheers,
Julius -
Hi everyone, i just wanted your opinion on some SAP BW career questions,
1) Do i need to start with SAP FI/CO and then towarsd SAP BW in irder to become a real SAP BW professional or starting directly from SAP BW would be ok?
2) Do i need to know SQL language?
3) Do i need to know ABAP language?
Thanx for you inputs.Hi
1) Do i need to start with SAP FI/CO and then towarsd SAP BW in irder to become a real SAP BW professional or starting directly from SAP BW would be ok?
Desirable but not required
2) Do i need to know SQL language?
Desirable but not required
3) Do i need to know ABAP language?
Very helpful but not necessity
Assign points if useful
Regards
N Ganesh -
after PI-Upgrade to NW-PI-731-SP07, executing the PI-configuration wizard:
step 126 of 162
Assign SLD Data Supplier user to Group SAP_SLD_DATA_SUPPLIER (local SLD)
Error:
Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
Execute Java Service
Library: sap.com/tc~lm~ctc~util~core_ear
Class: com.sap.ctc.util.core.services.UserFacade
Method: void com.sap.ctc.util.core.services.UserFacade.addUserToGroup(java.lang.String, java.lang.String)
Arguments (2)
userName : SLD_DS_EXE
groupName : SAP_SLD_DATA_SUPPLIER
InvokeService- Result: ERROR
Refresh Env. Messages: false
Duration: 1.936 sec
Library Info
Default Trace
Exception Class: com.sap.security.api.DuplicateKeyException
Exception Message: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
com.sap.security.api.DuplicateKeyException: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
at com.sap.ctc.util.infra.rfc.BaseConfig.dispatchException(BaseConfig.java:230)
at com.sap.ctc.util.core.services.impl.ume.java.GroupJavaImpl.verify(GroupJavaImpl.java:121)
at com.sap.ctc.util.core.services.impl.ume.DualGroupImpl.verify(DualGroupImpl.java:118)
at com.sap.ctc.util.core.services.content.ume.UserService.addToGroup(UserService.java:725)
at com.sap.ctc.util.core.services.UserFacade.addUserToGroup(UserFacade.java:288)
what to do?
============
o.k.
https://service.sap.com/sap/support/notes/1016283
first run the UME consistency check => found some inconsistency => did repair UME
then run again UME consistency check => found no more inconsistency !!
the again - try to run the PI-Upgrade-Wizard => but again error on executing .....see this sap-notes:
http://service.sap.com/sap/support/notes/1617234
http://service.sap.com/sap/support/notes/1661135
http://service.sap.com/sap/support/notes/1678815
http://service.sap.com/sap/support/notes/1626747 -
I don't have IT education background,can I start SAP as career
I don't have IT education background,can I start SAP as career
Hi Vivek,
Of course!!
SAP provides a wide range of opportunities for people with different skillset. You have to know that it is not just an IT/software company. Rather SAP provides Business solution software to other companies "SAP Helps Companies Run Better". So SAP field also requires people other than just IT professionals.
Also read http://scn.sap.com/community/career-center/blog/2012/02/21/how-an-sap-abap-career-can-be-like-a-train-journey
Thanks & Best Regards,
Leon -
Advice needed: what does your company log for SAP security role changes?
My client has a situation where for many years, they never logged changes to SAP security roles. By that I mean, they never logged even basic details, like who requested a change, tested it, approved it, and what changed!! Sadly their ticketing system is terrible, completely free-form text and not even searchable.
Does anyone here use Word docs, Excel sheets, or some other way to capture security role change details? What details do you capture? What about Projects, that involve dozens of changes and testing over several months?
I plan to recommend, at least, they need to use a unique# (a ticket#, or whatever) for every change and update the same in PFCG role desc tab, plus in CTS description of transports... but what about other details, since they have a bad ticketing system? I spoke with internal audit and change Mgmnt "manager" about it, and they are clueless and will not make recommendations. It's really weird but they will get into big trouble eventually without any logs for security changes!Does anyone here use Word docs, Excel sheets, or some other way to capture security role change details? What details do you capture? What about Projects, that involve dozens of changes and testing over several months?
I have questions:
a) Do you want to make things straight
b) Do you want to implement a versioning mechanism
c) You cannot implement anything technical, but you`re asking about best "paper" practise?
The mentioned scenarios can be well maintained if you use SAP GRC Solutions 10 (Business Role Management)
Task Based, Approvals, Risk Analysis, SOD and role generation and maintenance in a structured way (Business Role Management). Workflow based, staged process with approvals.
PFCG transaction usage will be curtailed to minimum if implemented fully.
Do we really want to do things "outside" PFCG?
@all:
a) do you guys use custom approval workflows for roles?
b) how tight your processes are? how much paperwork, workflow, tickets, requests and incidents you have to go through to change a role?
c) who is a friend of GRC here, raise your hand
Cheers Otto
p.s.: very interesting discussion, I would like to learn something here about how it works out there in the wild
Maybe you are looking for
-
Changing resolution to 72 dpi using iPhoto
My daughter is in a photography club and she's entering a photo contest. One of the requirements is that all photos must be 72 dpi. Her teacher uses Photoshop and isn't familiar with iPhoto, so he doesn't know how to tell her/us what to do. Any help?
-
IChat closes spontaneously and doesn't respond to Audio conference Requests
My girlfriend recently bought an older iBook G4 with leopard and ilife '08 (All the good stuff) but every time she attempts to chat on ichat it closes randomly and spontaneously without any error message. On top of this, audio conferences don't seem
-
I am unable to access my balance in iTunes. I can clearly see I have a balance of $13 but it asks for payment. My account info shows I have it.
-
Menu bar mayhem after upgrade to 10.6
I have just gone from 10.5.8 to 10.6.4 via the upgrade path. General OS and Application behaviors are A-OK. All software updates installed OK but a problem persists. The menu bar at the top of the screen is all wacked out. Spotlight icon appears and
-
Reset Password - HP Color LaserJet MFP M277dw
I forgot the printer password and cannot find out how to reset to factory settings (or the password itself) without entering it. How can i reset the password? (To be more precise the password I set is not accepted afterwards but probably I misspelled