|
| Security in SAP is a complex area and requires specialized knowledge and training. SAP provides highly granular and detailed security functionalities, which can be configured as per organization’s requirements. |
|
| Some of the key concepts in SAP security are as follows : |
|
 |
SAP architecture: A typical SAP system is based on three-tier architecture. SAP provides flexibility in designing system landscape, which can be very complex for large organizations. SAP is compatible with all major hardware, OS, and database. |
|
Authorizations: SAP authorization concept allows users to perform their work while securing transactions and programs from unauthorized access. It is a complex and scalable concept where approximately 2,000 authorization objects controls access to more than 100,000 transactions. The authorization components include user master records, roles (single and composite), profiles, authorizations, authorization objects and field values (activity, organization value, etc) and can be customized to organization’s requirement. |
|
Segregation of Duties (SoD): SoD ensures that no one individual has complete control over major phase of a process and is enforced through a combination of authorizations and mitigating controls. |
|
 |
|
| |
| SAP Security Clearing the Confusion |
|
Click here to download the slides for evening talk presented by Barun at ISACA Singapore in Mar’11 for an overview of various aspects of SAP security. |
|
|
|
| |
|
Profile parameters: Profile parameters control various security functionalities such as password controls, session security, auditing, etc. |
|
Super users: SAP is shipped with many default super users, which serve specific purpose. It is important to secure these users. In addition to changing default passwords, additional measures are required for some super users like SAP*. |
|
Auditing: Auditing is an important tool and SAP provides multiple auditing options. Some of the auditing features are change documents, document flow, security audit logs, table logs, transaction usage logs, etc. |
|
Change management: Client setting and transport path are important to control unauthorized changes in SAP. Client setting can help ensures that changes cannot be made directly in SAP production system. |
|
Business Process Controls: In SAP environment, several controls are automatically performed during data input – some of these are inherent while others are specifically configured during implementation (and are specific to an organization’s business requirements). In addition, SAP provides many exception/ reconciliation/ summary reports, which assists in enforcing and monitoring internal controls. These controls are generally referred as business process controls and are important to reduce cost of enforcing and managing internal controls. |
| MANTRAN conducts both public and customized-corporate SAP security trainings covering all these concepts and more. |
|
| |
| Why attend? |
|
|
| As more and more organizations use SAP to support their business processes, there is a growing need for SAP security professional. Global demand for SAP security & controls professionals is increasing and this workshop is a big step in becoming one. |
|
| This SAP Security & Controls workshop covers various key concepts in SAP security & controls. This workshop aims to equip participant with in-depth understanding of key aspects of SAP security and controls. The workshop includes live demo and hands-on exercises to assist participant in applying the learning. |
|
| Some of the benefits of attending this workshop are as follows: |
|
|
Gain in-depth knowledge of SAP security and controls functionalities |
|
Simulate real life scenarios in dealing with security and controls issues in SAP |
|
Real-time demos and exercises to demonstrate key concepts |
|
Complementary SAP security & controls aids. |
|
| All participants will receive a certificate of completion upon successful completion of the training. |
| |
| Some of the past trainings |
|
| |
Location |
Date |
|
Singapore (SAP GRC Access Controls) (Corporate Training) |
8 – 10 May 2013 |
|
Singapore (Security & Auditing) |
10 – 12 Apr 2013 |
|
Singapore (Corporate Training) |
17 – 18 Jan 2013 |
|
Singapore (Corporate Training) |
7 – 8 Jan 2013 |
|
Singapore (Security & Auditing) |
12 – 14 Sep 2012 |
|
China – Shanghai (Corporate Training) |
9 – 13 Jul 2012 |
|
Singapore (Security & Auditing) |
25 - 27 Apr 2012 |
|
Singapore (Corporate Training) |
12 - 14 Mar 2012 |
|
Singapore - BASIS and Authorizations |
8 - 9 Sep 2011 |
|
China – Shanghai (Corporate Training) |
16 – 20 May 2011 |
|
Singapore (Business Process Controls) |
21 - 22 Apr 2011 |
|
India - Bangalore (Corporate Training) |
28 Feb – 4 Mar 2011 |
|
Singapore – BASIS and Authorizations |
24 – 25 Feb 2011 |
|
Indonesia - Jakarta (Corporate Training) |
20 - 24 Sep 2010 |
|
Singapore (Business Process Control) |
2 – 3 Sep 2010 |
|
India - Bangalore (Corporate Training) |
10 - 14 Aug 2010 |
|
India - Mumbai (For ISACA) |
24 - 25 Jul 2010 |
|
Singapore – BASIS and Authorizations |
22 – 23 Jul 2010 |
|
|
| Registration/ Inquiry |
|
|
| please complete the form below to discuss your requirements |
|
|
| |
|
