Site icon ExpressGRC | SAP Cyber Security Software for SAP Compliance

SAP Back Door Transaction the Auditor Need to Be Aware

When you are auditing for SAP Transaction access within a SAP role or SAP users in the SAP ECC system, as an auditor you should also be aware of some of the back door transactions which are in SAP Systems. These back door transactions can do most or part of the work of the original transactions. If the auditor is now aware of these transactions then users may have sensitive access or Segregation of duties access. When a company wants to create list of sensitive transactions to be monitored the back door transactions need to be reviewed and taken into consideration.  Here are list of back door transaction which needs to be reviewed and monitored.  One of the Easy ways you can analyze the SAP Sensitive transaction in the SAP ECC system is with Transaction SUIM

 

SAP Back Door Transactions

GCE1                                     Maintain User

OIDV                                     Download SAP Tables into MS Access

OMDL                                   C MM-MRP User Maintenance

OMEH                                   C MM-PUR User Maintenance

OMEI                                     C MM-PUR User Profiles

OMG7                                   C MM-PUR Authorizations

OMWF                                  C MM-IV User Maintenance

OMWG                                                 C RM-MAT MW User Profiles

OMWK                                                 C MM-IV Authorizations

OOAU                                   Authorizations

OOPR                                    Authorization Profile Maintenance

OOSB                                    User (Structural Authorization)

OOUS                                    Maintain User

OP15                                     Production User Profile

OPE9                                     Maintain User Profile

OPF0                                     Maintain User

OPF1                                     Authorizations for CAPP

OTZ1                                      C FI Users

OTZ2                                      C FI Profiles

OTZ3                                      C FI Authorizations

OVZ6                                     C SD  Maintain User Profile V_SD_All

OY20                                      Authorizations           Customizing

OY21                                      User profiles            Customizing

OY27                                      Create super user        Customizing

OY28                                      Deactivate SAP*          Customizing

OY29                                      Technical Writer

OY30                                      Technical writer

PFCG                                     Role Maintenance

SU01                                      User Maintenance

SU10                                      User Mass Maintenance

S_XBA_46000014                             Similar to PFCG

S_AHR_61007278                             Similar to SE38

S_ALR_87007328                              Similar to SE37
[vc_row css=”.vc_custom_1512575306373{margin-top: 50px !important;}”][vc_column width=”1/3″][vc_cta h2=”Free Step by Step SAP License Optimization Guide” shape=”square” add_button=”bottom” btn_title=”click here” btn_style=”flat” btn_color=”default” btn_i_icon_fontawesome=”stm-diamond” btn_css_animation=”left-to-right” css_animation=”left-to-right” btn_add_icon=”true” css=”.vc_custom_1512579904776{padding-top: 50px !important;padding-right: 35px !important;padding-bottom: 50px !important;padding-left: 35px !important;background-color: #3a80f1 !important;}” btn_link=”url:http%3A%2F%2Fexpressgrc.com%2Ffree-sap-license-optimization-guide%2F||” el_class=”c_action”]SAP Customer is liable to pay 70 Million additional SAP licensing fees as a result of what is broadly known as Indirect Access.[/vc_cta][/vc_column][vc_column width=”1/3″][vc_cta h2=”Free SAP GRC 10.0 Step by Step Guide” shape=”square” add_button=”bottom” btn_title=”download here” btn_style=”flat” btn_color=”default” btn_i_icon_fontawesome=”stm-diamond” btn_css_animation=”left-to-right” css_animation=”bottom-to-top” btn_add_icon=”true” css=”.vc_custom_1512579856805{padding-top: 50px !important;padding-right: 35px !important;padding-bottom: 50px !important;padding-left: 35px !important;background-color: #f1b500 !important;}” btn_link=”url:http%3A%2F%2Fexpressgrc.com%2Fsap-grc-10-1-step-step-guide%2F||” el_class=”c_action”]Are you fed up with being not able to get job? Tired of being disappointed in yourself, because you just can’t seem to get started in the career as SAP  GRC Consultant?[/vc_cta][/vc_column][vc_column width=”1/3″][vc_cta h2=”Financial Loss due to Fraud Risk” shape=”square” add_button=”bottom” btn_title=”click here” btn_style=”flat” btn_color=”default” btn_i_icon_fontawesome=”stm-diamond” btn_css_animation=”left-to-right” css_animation=”right-to-left” btn_add_icon=”true” css=”.vc_custom_1512579731433{padding-top: 50px !important;padding-right: 35px !important;padding-bottom: 50px !important;padding-left: 35px !important;background-color: #1d9e3f !important;}” btn_link=”url:http%3A%2F%2Fexpressgrc.com%2Ffree-sap-process-control-step-step-guide%2F||” el_class=”c_action”]Using the right kind of SAP Controls in the right way can be trans formative for any SAP System[/vc_cta][/vc_column][/vc_row]

Exit mobile version