Sunday, 21 September 2025

Activate and configure auditing in SAP HANA

Auditing: tracks the record of changes to roles in the SAP HANA database.


Why do we need to set up auditing?

1. Accountability - users are responsible for the actions they perform.

2. Discourage unauthorized access.

3. Monitor any suspicious activities.

4. Find the source of a breach.


To configure audits in SAP HANA:

* The AUDIT ADMIN system privilege is required.

1. Select the target system where the audit policy needs to be configured --> 1. expand --> 2. Security --> 3. Security.

2. Choose the Auditing table.

The resulting audit logs can be viewed by querying SYS.Audit
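The same setup expressed as SQL instead of the Security editor, as an added example that is not part of the original post. The policy names are hypothetical; the statements and the `SYS.AUDIT_POLICIES` / `SYS.AUDIT_LOG` views are standard SAP HANA, and the final query assumes the audit trail target is a database table.

```sql
-- Added example. Policy names (EX_ROLE_*) are hypothetical.
-- Run as a user that holds the AUDIT ADMIN system privilege.

-- 1. Turn auditing on. Assumption: the 'SYSTEM' configuration layer
--    is the right one for this deployment.
ALTER SYSTEM ALTER CONFIGURATION ('global.ini', 'SYSTEM')
  SET ('auditing configuration', 'global_auditing_state') = 'true'
  WITH RECONFIGURE;

-- 2. Record every role assignment change, successful or not.
CREATE AUDIT POLICY "EX_ROLE_ASSIGNMENT"
  AUDITING ALL GRANT ROLE, REVOKE ROLE
  LEVEL INFO;
ALTER AUDIT POLICY "EX_ROLE_ASSIGNMENT" ENABLE;

-- 3. Record creation and deletion of roles. Kept as a separate policy
--    because HANA only allows compatible actions in a single policy.
CREATE AUDIT POLICY "EX_ROLE_LIFECYCLE"
  AUDITING ALL CREATE ROLE, DROP ROLE
  LEVEL INFO;
ALTER AUDIT POLICY "EX_ROLE_LIFECYCLE" ENABLE;

-- 4. Check that both policies exist and are active.
SELECT AUDIT_POLICY_NAME, EVENT_ACTION, EVENT_STATUS, IS_AUDIT_POLICY_ACTIVE
  FROM SYS.AUDIT_POLICIES
 WHERE AUDIT_POLICY_NAME LIKE 'EX_ROLE_%';

-- 5. Review the last 24 hours of role changes: who did what, to whom,
--    from which client, and whether the statement succeeded.
SELECT "TIMESTAMP", USER_NAME, CLIENT_IP, AUDIT_POLICY_NAME,
       EVENT_ACTION, EVENT_STATUS, ROLE_NAME, GRANTEE, STATEMENT_STRING
  FROM SYS.AUDIT_LOG
 WHERE AUDIT_POLICY_NAME LIKE 'EX_ROLE_%'
   AND "TIMESTAMP" > ADD_DAYS(CURRENT_TIMESTAMP, -1)
 ORDER BY "TIMESTAMP" DESC;
```

Unsuccessful events in the result are worth the same attention as successful ones, since a failed GRANT ROLE shows an attempt to widen access.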




















Wednesday, 27 August 2025

#3. Authorization in GRC SYSTEM.


* SAP_GRAC_BASE is the base authorization role.

* SAP_GRAC_NWBC is the base authorization role for launching NWBC.

* In the GRC system, access T-code PFCG

         role:  SAP_GRAC*

         Copy all SAP-delivered standard roles into a custom namespace --> then use the copies for operations.

* To view the list of GRC authorization objects --> SU24 (T-code) --> Authorization objects tab --> Authorization objects --> GRAC*


Understanding Authorization Risks:

* Segregation of Duties (SOD) is the concept of separating "incompatible duties".
     Example: one person doesn't have all three of these duties.

1. Authorization = approving.

2. Safe keeping = holding the asset (or) access to the asset.

3. Record keeping = keeping track of the asset / liability.

                                                👇

More manpower is then needed for SOD.

                                                👇

However, many stakeholders did not accept SOD segregation, which may lead to increased cost.

                                                👇

The conclusion is that the best risk-avoidance protocols need to be maintained without increasing the cost.