SAP Security Career Growth

Similar Messages

• Career growth in SAP Security.

  Hi,
  I have done MCA.I joined MNC as a fresher. Then I got training on SAP ABAP. But I am alloted to a project and working on SOX compliance in application security (for SAP system) i.e. monitoring and internal auditing. Here I have exposer to diffrent IT application security control, GRC, etc.
  Now I am really confused with my future growth. At this stage of my start of career I am not able to decide whether I should switch to SAP security or be with SAP ABAP once I rolled off from this project.
  Will you please guide me for choosing the best career path? and future growth in SAP security?

  Hai
  Try to Work on what u got ,after 2 Years there is  a huge recruitment for SAP Supporti n BI.
  There is a lot of Benifits in BI Compared to any other module  .Since it is technofunctional module(Very Good in Market)
  Assign Points if it is Useful
  Thank u
  Naveen

• SAP Basis career path Options

  Hi All,
  Can anyone tell me, what are all the SAP Basis career path options available in future for a Basis/NetWeaver Administrator?
  Regards,
  Rajkumar

  Hello Rajkumar Bhumij
  There are n number of skills you can focuses inside sap basis, listing a few important ones
  1)Sap abap and java adminstration
  2)sap solution manager skills
  3)sap security
  4)sap database adminstration
  5)unix linux and operating systems skills can add very well for your career growth in sap basis.
  Also have a look at new things like sap hana(High Performance Analytic appliance) and cloud computing skills so that for life time you can stand in the same domain.Go ahead .
  all the best
  alen

• Advice on SAP GRC career

  Hello,
  My name is Vijay and I am from Denver, CO. I will be graduating with a Master's degree in Information Systems next month from Colorado State University. I have got a job as a ITPA Associate with a big four firm. My job description reads
  1. Assisting clients in matters of Data Assurance, ERP Controls, IT Risk and Security Assurance,Data Protection and Privacy, Project Assurance, and Advanced Risk and Compliance Analytics
  2. Providing ERP controls services to help audit and non-audit clients address risk and control needs around ERP systems
  3. Assessing, recommending, designing and configuring controls as they relate to businessprocesses, ERP application security, and Governance, Risk and Compliance (GRC)".
  4.Designing and assessing control related services around major ERP systems; and
  5.Translating business requirements to efficient and integrated ERP control frameworks.
  I am very new to SAP GRC. Can you please guide me through how to form a career path in SAP GRC?
  Thanks,
  Vijay

  Hi Vijay,
  SAP GRC is  good career path however you start your career basically as a sap security junior associate and finally lands up in the jobs like:
  SAP Security and Controls Consultant
  Senior SAP Security and Controls Consultant
  SAP Security and Controls Administrator
  SAP Security & GRC Consultant
  SAP GRC Manager
  SAP Process Controls Experts
  SAP Advisory Manager - IT Risk Transformation etc.
  Thanks & Regards
  Subhasish

• SAP XI and SAP Security...

  Hi Friends..
  Iam an ABAP Developer in U.S. and planning to change my field into either SAP XI or SAP Security...
  Can you please suggest me depending on the current market which field is better to choose and which one is in demand and has good pay..
  I appreciate your proper guidance for the change of my career..
  Thanks,

  Kanthi,
  SAP XI seems to be doing pretty well and should be able to find something eventually. That is not to say that SAP Security in not a good choice, but jumping into SAP Security would be a totally new concept (unless you have already been exposed to that area as part of your ABAP experience)

• Looking for SAP security certification - Please guide me !!!

  Hello,
  This is Harsha from Bangalore, India.
  I am currently working as a system administrator with CISCO System, Bangalore with an overall experience of 5 years.
  I am interested in taking the SAP security model. Please assist me regarding the same with guidance to a proper career path.

  Thats a very generic and vague question.
  But to sart with, get trained in SAP Security. You might even go for Certification if you have the time and money for that.  And then just float your Resume.
  pk

• Where is com/sap/security/core/server/secstorefs/SecStoreFS?

  Hi,
  I am trying to create a Java client in NWDS that retrieves a DataSource object via JNDI from my XI 3.0 system.
  I have added the jars I could think of (connector.jar, jta.jar, sapj2eeclient.jar, sapopensta.jar, etc.) to my build path.
  When I attempt to retrieve the DataSource object via my Context I get the following exception:
  java.lang.NoClassDefFoundError: com/sap/security/core/server/secstorefs/SecStoreFS
       at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
       at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
       at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
       at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
       at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:113)
       at com.sap.engine.services.dbpool.spi.DefaultConnectionManagerImpl.allocateConnection(DefaultConnectionManagerImpl.java:26)
       at com.sap.engine.services.dbpool.cci.ConnectionFactoryImpl.getConnection(ConnectionFactoryImpl.java:51)
       at com.hclaxon.xi.tools.CommsChannelConfigurator.createDBConnection(CommsChannelConfigurator.java:382)
       at com.hclaxon.xi.tools.CommsChannelConfigurator.run(CommsChannelConfigurator.java:425)
       at com.hclaxon.xi.tools.CommsChannelConfigurator.main(CommsChannelConfigurator.java:465)
  Exception in thread "main"
  Could someone please tell me which jar contains the class mentioned above?
  thanks
  Brian

  Hi all,
  Update to original question. I realised I was using a newer version of the openSQL api, so changed that.
  Now I get a different execption:
  java.lang.NoClassDefFoundError: com/sap/security/core/server/secstorefs/SecStoreFSException
       at java.lang.Class.getDeclaredConstructors0(Native Method)
       at java.lang.Class.privateGetDeclaredConstructors(Class.java:1618)
       at java.lang.Class.getConstructor0(Class.java:1930)
       at java.lang.Class.newInstance0(Class.java:278)
       at java.lang.Class.newInstance(Class.java:261)
       at com.sap.sql.connect.OpenSQLDataSource.newInstance(OpenSQLDataSource.java:148)
       at com.sap.sql.connect.OpenSQLDataSource.newInstance(OpenSQLDataSource.java:133)
       at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:102)
       at com.sap.engine.services.dbpool.spi.DefaultConnectionManagerImpl.allocateConnection(DefaultConnectionManagerImpl.java:26)
       at com.sap.engine.services.dbpool.cci.ConnectionFactoryImpl.getConnection(ConnectionFactoryImpl.java:51)
  Can anyone tell me where this class is?
  thanks
  Brian

• Com.sap.security.core.ume.service failed. J2EE Engine cannot be started

  Hi,
  I have configured SNC on NetWeaver 7.0 (ABAP+JAVA) System on Windows 2003 Server with MS-SQL 2005 Database.
  After the SNC configuration restarted the Server but the JAVA Server process is going down with EXIT Code -11113. The SNC Configuration is working fine but JAVA is not running. SDM and dispatcher are in green but server process is going gray.
  I have checked the log files under C:\usr\sap\SID\DVEBMGS00\j2ee\cluster\server0\log
  The following is the part of log file.
  #1.5#005056BA6C3F001D0000000F000008D8000489ACAFC86070#1277274683393#com.sap.engine.core.service630.container.ServiceRunner##com.sap.engine.core.service630.container.ServiceRunner#######SAPEngine_System_Thread[impl:5]_71##0#0#Error#1#/System/Server#Java###Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
  [EXCEPTION]
  #1#com.sap.engine.frame.ServiceException: <Localization failed: ResourceBundle='com.sap.engine.frame.KernelResourceBundle', ID='UME initialization failed.', Arguments: []> : Can't find resource for bundle java.util.PropertyResourceBundle, key UME initialization failed.
       at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:372)
       at com.sap.engine.frame.ApplicationFrameAdaptor.start(ApplicationFrameAdaptor.java:31)
       at com.sap.engine.core.service630.container.ServiceRunner.startApplicationServiceFrame(ServiceRunner.java:214)
       at com.sap.engine.core.service630.container.ServiceRunner.run(ServiceRunner.java:144)
       at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
       at com.sap.engine.core.thread.impl5.SingleThread.execute(SingleThread.java:79)
       at com.sap.engine.core.thread.impl5.SingleThread.run(SingleThread.java:105)
  Caused by: com.sap.security.core.persistence.datasource.PersistenceException: SNC required for this connection
       at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.newPersistenceException(R3PersistenceBase.java:178)
       at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.init(R3PersistenceBase.java:446)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.<init>(PrincipalDatabagFactoryInstance.java:356)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.newInstance(PrincipalDatabagFactory.java:156)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:109)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:56)
       at com.sap.security.core.InternalUMFactory.initializeUME(InternalUMFactory.java:266)
       at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:279)
       ... 6 more
  #1.5#005056BA6C3F001D00000011000008D8000489ACAFC8628E#1277274683393#com.sap.engine.core.Framework##com.sap.engine.core.Framework#######SAPEngine_System_Thread[impl:5]_71##0#0#Fatal#1#/System/Server#Plain###Critical shutdown was invoked. Reason is: Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.#
  Please help me to solve the issue.
  Thanks,
  Ajay.

  Hi Tim,
  I have configured using Kerberos library for 32 bit on Net Weaver 7.0 with MS SQL 2005 Server on Windows 2003 Server. I didnt change any thing on JAVA side. I have configured as per the Kerberos configuration steps  as per below URL
  http://help.sap.com/saphelp_nw70ehp2/helpdata/en/44/0ebf6c9b2b0d1ae10000000a114a6b/frameset.htm
  The configuration was successful and I am able to login with out asking password, but After the configuration when I have restarted every thing on ABAP side works well but JAVA server process going down with EXIT code -11113. One of the log file contains follows error message.
  com.sap.engine.frame.ServiceException: <Localization failed: ResourceBundle='com.sap.engine.frame.KernelResourceBundle', ID='UME initialization failed.', Arguments: []> : Can't find resource for bundle java.util.PropertyResourceBundle, key UME initialization failed.
       at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:372)
       at com.sap.engine.frame.ApplicationFrameAdaptor.start(ApplicationFrameAdaptor.java:31)
       at com.sap.engine.core.service630.container.ServiceRunner.startApplicationServiceFrame(ServiceRunner.java:214)
       at com.sap.engine.core.service630.container.ServiceRunner.run(ServiceRunner.java:144)
       at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
       at com.sap.engine.core.thread.impl5.SingleThread.execute(SingleThread.java:79)
       at com.sap.engine.core.thread.impl5.SingleThread.run(SingleThread.java:105)
  Caused by: com.sap.security.core.persistence.datasource.PersistenceException: SNC required for this connection
       at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.newPersistenceException(R3PersistenceBase.java:178)
       at com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.init(R3PersistenceBase.java:446)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.<init>(PrincipalDatabagFactoryInstance.java:356)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.newInstance(PrincipalDatabagFactory.java:156)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:109)
       at com.sap.security.core.persistence.imp.PrincipalDatabagFactory.getInstance(PrincipalDatabagFactory.java:56)
       at com.sap.security.core.InternalUMFactory.initializeUME(InternalUMFactory.java:266)
       at com.sap.security.core.server.ume.service.UMEServiceFrame.start(UMEServiceFrame.java:279)
       ... 6 more
  [Framework -> criticalShutdown] Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
  Jun 25, 2010 3:05:24 AM             com.sap.engine.core.Framework [SAPEngine_System_Thread[impl:5]_69] Fatal: Critical shutdown was invoked. Reason is: Core service com.sap.security.core.ume.service failed. J2EE Engine cannot be started.
  One of the line says "SNC required for this connection". What does this mean? What else need to be done for JAVA to communicate with ABAP?
  Thanks,
  Ajay.

• Com/sap/security/core/server/secstorefs/SecStoreFS?

  Hi,
  I am trying to create a Java client in NWDS that retrieves a DataSource object via JNDI from my XI 3.0 system.
  I have added the jars I could think of (connector.jar, jta.jar, sapj2eeclient.jar, sapopensta.jar, etc.) to my build path.
  When I attempt to retrieve the DataSource object via my Context I get the following exception:
  java.lang.NoClassDefFoundError: com/sap/security/core/server/secstorefs/SecStoreFS
  at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
  at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
  at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
  at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
  at com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl.createManagedConnection(ManagedConnectionFactoryImpl.java:113)
  at com.sap.engine.services.dbpool.spi.DefaultConnectionManagerImpl.allocateConnection(DefaultConnectionManagerImpl.java:26)
  at com.sap.engine.services.dbpool.cci.ConnectionFactoryImpl.getConnection(ConnectionFactoryImpl.java:51)
  at com.hclaxon.xi.tools.CommsChannelConfigurator.createDBConnection(CommsChannelConfigurator.java:382)
  at com.hclaxon.xi.tools.CommsChannelConfigurator.run(CommsChannelConfigurator.java:425)
  at com.hclaxon.xi.tools.CommsChannelConfigurator.main(CommsChannelConfigurator.java:465)
  Exception in thread "main"
  Could someone please tell me which jar contains the class mentioned above?
  thanks

  Hi,
  Please try this, it may usefull for u.
  tc_sec_secstorefs.jar in SDM\root\origin\sap.com\tc\sec\secstorefs\tc_sec_secstorefs.sda
  Thanks & Regards,
  Ravi.

• Com.sap.security.core.server.secstorefs.WrongKeyException

  Hi,
  we have done a system copy,while starting the java stack we are getting the below error.
  Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: The encryption key (usually in the key file) is not the key that is required to decrypt the data in the secure store file or the system name (SID) is wrong..
          at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
          at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
          at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
          at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
          at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112)
          ... 15 more
  Caused by: com.sap.security.core.server.secstorefs.WrongKeyException: The encryption key (usually in the key file) is not the key that is required to decrypt the data in the secure store file or the system name (SID) is wrong.
          at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:2017)
          at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
          at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
          at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
          ... 17 more
  Caused by: com.sap.security.core.server.secstorefs.InvalidStateException: Internal error during the decryption process.
          at com.sap.security.core.server.secstorefs.Crypt.decrypt(Crypt.java:850)
          at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1985)
          ... 20 more
  Caused by: javax.crypto.BadPaddingException: Invalid PKCS\#5 padding length: 30
          at iaik.security.cipher.s.b(Unknown Source)
          at iaik.security.cipher.w.a(Unknown Source)
          at iaik.security.cipher.w.engineDoFinal(Unknown Source)
          at javax.crypto.Cipher.doFinal(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.decrypt(Crypt.java:825)
          ... 21 more
  #1.#000255334607000000000015000640DE00046E8629009A5B#1247422399420#com.sap.engine.core.Framework##com.sap.engine.core.Framework#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server#Plain###Loading: ConfigurationManager returned false! #
  #1.#000255334607000000000017000640DE00046E8629009BC2#1247422399421#com.sap.engine.core.Framework##com.sap.engine.core.Framework#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server#Plain###Kernel not loaded. System halted.#
  #1.#00025533460700000000001A000640DE00046E862908A703#1247422399948#com.sap.engine.core.thread.impl5.ThreadManagerImpl##com.sap.engine.core.thread.impl5.ThreadManagerImpl#######Thread[Thread-1,5,main]##0#0#Error##Plain###Unexpected thread activity after interrupt() is executed in shutdown of SAPEngine_System_Thread[impl:5]_ThreadManager:
  Thread[SAPEngine_System_Thread[impl:5]_2]
  Task: com.sap.engine.core.thread.impl5.ActionObject - Processing Task [classname: com.sap.engine.core.cluster.impl6.JoinPortListener | toString: com.sap.engine.core.cluster.impl6.JoinPortListener@252e252e] with classloader [com.sap.engine.boot.CoreClassLoader@21d821d8]#
  Regards,
  Sam

  Hi,
  Check with this note,
  Note 791574 -
  Also
  Secure Storage for Application Specific Data
  Applications or application components, deployed on the J2EE Engine, can save sensitive data
  in encrypted form in a secure storage area in the J2EE Engineu2019s configuration database. The
  data saved in this area is encrypted using a secret key that is created explicitly for the application
  or service. The J2EE Engine uses the triple DES algorithm to perform the encryption.
  You can use two approaches for storing and maintaining the encrypted data for the individual
  applications or application components:
  u2022 Centralized storage
  With centralized storage, applications or application components use the Secure Storage
  service on the J2EE Engine to encrypt and decrypt the data. This data is also stored in the
  corresponding secure storage context on the J2EE Engine. You can control the
  parameters of this secure storage area from the properties of the Configuration Manager.
  For more information
  u2022 Decentralized storage
  With decentralized storage, the applications and application component maintain their own
  storage area for the encrypted data. They only uses the Secure Storage service on the
  J2EE Engine to retrieve the key, which is necessary to encrypt and decrypt the data.
  Regards,
  Ravi

• What are the Essentials for a Sap Security Consultant.

  Hi Gurus,
  I have completed a Implementation in which I alone handled the entire Security . It is a defense client .
  Now I am technically expert at security. But I have no functional knowledge.
  Implementing Security in SAP one needs to have knowledge of funtional process as well. The course that are purely technical stuff and I have good idea of techincal stuff.
  The Question is what is a Sap Security Consultant expected to know . And how to go about acquiring that knowledge?

  Hi Hussain,
  There is a little bit of release-dependent-everything in this thread: Authorization for VAP2 in conflict with VD02 for F_KNA1_GRP
  Try solve it and you will understand that you need the requirements (without that you are anyway doomed) and the knowledge and the appropriate access to create / test it.
  BAPI's are remote enabled stable interfaces to SAP standard functionality. They are the best examples of combining functional, technical and standard skills in a sustainable way without creating a mess (a mess, way beyond the bounds of your concerns...).
  If you learn to use the available tools and information sources, then you dont need to stress about the essentials, even if your customer makes a design error before or after your advice.
  Cheers,
  Julius

• Need advice on SAP BW career

  Hi everyone, i just wanted your opinion on some SAP BW career questions,
  1) Do i need to start with SAP FI/CO and then towarsd SAP BW in irder to become a real SAP BW professional or starting directly from SAP BW would be ok?
  2) Do i need to know SQL language?
  3) Do i need to know ABAP language?
  Thanx for you inputs.

  Hi
  1) Do i need to start with SAP FI/CO and then towarsd SAP BW in irder to become a real SAP BW professional or starting directly from SAP BW would be ok?
  Desirable but not required
  2) Do i need to know SQL language?
  Desirable but not required
  3) Do i need to know ABAP language?
  Very helpful but not necessity
  Assign points if useful
  Regards
  N Ganesh

• Post-upgrade ToDo, PI configuration Wizard: com.sap.security.api.DuplicateKeyException Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!

  after PI-Upgrade to NW-PI-731-SP07,  executing the PI-configuration wizard:
  step 126 of 162
  Assign SLD Data Supplier user to Group SAP_SLD_DATA_SUPPLIER (local SLD)
  Error:
  Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
  Execute Java Service
  Library: sap.com/tc~lm~ctc~util~core_ear
  Class: com.sap.ctc.util.core.services.UserFacade
  Method: void com.sap.ctc.util.core.services.UserFacade.addUserToGroup(java.lang.String, java.lang.String)
  Arguments (2)
  userName : SLD_DS_EXE
  groupName : SAP_SLD_DATA_SUPPLIER
  InvokeService- Result: ERROR
  Refresh Env. Messages: false
  Duration: 1.936 sec
  Library Info
  Default Trace
  Exception Class: com.sap.security.api.DuplicateKeyException
  Exception Message: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
  com.sap.security.api.DuplicateKeyException: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
  at com.sap.ctc.util.infra.rfc.BaseConfig.dispatchException(BaseConfig.java:230)
  at com.sap.ctc.util.core.services.impl.ume.java.GroupJavaImpl.verify(GroupJavaImpl.java:121)
  at com.sap.ctc.util.core.services.impl.ume.DualGroupImpl.verify(DualGroupImpl.java:118)
  at com.sap.ctc.util.core.services.content.ume.UserService.addToGroup(UserService.java:725)
  at com.sap.ctc.util.core.services.UserFacade.addUserToGroup(UserFacade.java:288)
  what to do?
  ============
  o.k.
  https://service.sap.com/sap/support/notes/1016283
  first run the UME consistency check => found some inconsistency => did repair UME
  then run again UME consistency check => found no more inconsistency !!
  the again - try to run the PI-Upgrade-Wizard => but again error on executing .....

  see this sap-notes:
  http://service.sap.com/sap/support/notes/1617234
  http://service.sap.com/sap/support/notes/1661135
  http://service.sap.com/sap/support/notes/1678815
  http://service.sap.com/sap/support/notes/1626747

• I don't have IT education background,can I start SAP as career

  I don't have IT education background,can I start SAP as career

  Hi Vivek,
  Of course!!
  SAP provides a wide range of opportunities for people with different skillset. You have to know that it is not just an IT/software company. Rather SAP provides Business solution software to other companies "SAP Helps Companies Run Better". So SAP field also requires people other than just IT professionals.
  Also read http://scn.sap.com/community/career-center/blog/2012/02/21/how-an-sap-abap-career-can-be-like-a-train-journey
  Thanks & Best Regards,
  Leon

• Advice needed: what does your company log for SAP security role changes?

  My client has a situation where for many years, they never logged changes to SAP security roles.  By that I mean, they never logged even basic details, like who requested a change, tested it, approved it, and what changed!!  Sadly their ticketing system is terrible, completely free-form text and not even searchable. 
  Does anyone here use Word docs, Excel sheets, or some other way to capture security role change details?   What details do you capture?  What about Projects, that involve dozens of changes and testing over several months?
  I plan to recommend, at least, they need to use a unique# (a ticket#, or whatever) for every change and update the same in PFCG role desc tab, plus in CTS description of transports... but what about other details, since they have a bad ticketing system?  I spoke with internal audit and change Mgmnt "manager" about it, and they are clueless and will not make recommendations.  It's really weird but they will get into big trouble eventually without any logs for security changes!

  Does anyone here use Word docs, Excel sheets, or some other way to capture security role change details? What details do you capture? What about Projects, that involve dozens of changes and testing over several months?
  I have questions:
  a) Do you want to make things straight
  b) Do you want to implement a versioning mechanism
  c) You cannot implement anything technical, but you`re asking about best "paper" practise?
  The mentioned scenarios can be well maintained if you use SAP GRC Solutions 10 (Business Role Management)
  Task Based, Approvals, Risk Analysis, SOD and role generation and maintenance in a structured way (Business Role Management). Workflow based, staged process with approvals.
  PFCG transaction usage will be curtailed to minimum if implemented fully.
  Do we really want to do things "outside" PFCG?
  @all:
  a) do you guys use custom approval workflows for roles?
  b) how tight your processes are? how much paperwork, workflow, tickets, requests and incidents you have to go through to change a role?
  c) who is a friend of GRC here, raise your hand
  Cheers Otto
  p.s.: very interesting discussion, I would like to learn something here about how it works out there in the wild