Golden parachute- For SAP Security team it more like jogging without shoes

Golden parachute- For SAP Security team it more like jogging without shoes

In most of the clients I have seen the SAP security team gets most of the heat for the SAP security not working as required.  These are the common questions

Why is the role not working properly?

Why do I not have my required transactions?

Why is taking so much time to fix the problem

Do I need to keep testing all the transactions?

I need same access as the other person

Why did I lose my access?

I am superman I need to look at every thing

Can I have SAP_all instead of fixing the problem?

The Problems are mainly due to following

Requirement gathering

Sloppy testing and not negative testing

Lack of training for the end users

Security Team not asking the proper questions

User mapping not done properly

Not following proper change control

Not training Super users to address in security to act as first line of defence

Security team not building the role property and advising the business on all the restrictions available

Manual provisioning of Users

Do you thing if there is more please add more

 

Selva Kumar 
OneAccess-UserManager for SAP 
SAP Certified- Powered by Netweaver 
http://www.softsquare.biz/oneaccess/ 
selva@ softsquare.biz 
Phone: 877 717 5487
Automate and Meditate