| No. | Audit step | |
|---|---|---|
| 1 | Determine the client's organizational structure (clients, company codes, purchasing organizations, plants, charts of account, controlling areas, business areas, sales organization, division, storage location, valuation areas, customers, materials and vendors). | 2 |
| 2 | Identify the powerful user IDs in the system. | 2 |
| 3 | Verify which users are able to maintain authorizations, user master records and profiles. | 2 |
| 4 | Identify the users who are able to perform batch administrator rights and job authorizations for delete, lock and release. | 2 |
| 5 | Batch input activities for change, delete and lock. | 2 |
| 6 | Verify that the SAP_ALL profile is not assigned to any user. | 2 |
| 7 | Password management controls; determine the following parameters using `login/password_expiration_time` (default 0, should not be equal to 0); `login/min_password_lng` (minimal 3, maximal 8, should be between 4 and 6); `login/fails_to_session_end` (default 3, should be between 3 and 6); `login/fails_to_user_lock` (default 12, should be less than 12); `login/no_automatic_user_sap*` (should be set to 1); `rdisp/gui_auto_logout` (default 0, should not be equal to 0). | 2 |
| 8 | Verify whether the organization has defined passwords which are not allowed. | 2 |
| 9 | Verify that the passwords of SAP standard users have been changed in all clients. | 2 |
| 10 | Verify users that have never logged on; verify users that have not logged on for 90 and 180 days. | 2 |
| 11 | Verify which users are able to access the log and trace files. | 2 |
| 12 | Verify which user IDs are able to change the system settings. | 2 |
| 13 | Verify which user IDs are able to change the system parameter values. | 2 |
| 14 | Verify which user IDs are able to maintain client-dependent and client-independent tables. | 2 |
| 15 | Verify which user IDs are able to change number ranges. | 2 |
| 17 | Verify which user IDs are able to maintain operating system commands. | 2 |
| 18 | Verify which user IDs are able to execute programs. | 2 |
| 19 | Verify which user IDs are able to maintain customer master data, change customer credit limits, unblock customers, process incoming payments and post customer credit memos. | 2 |
| 20 | Verify which user IDs are able to maintain vendor master records, post goods receipts, enter accounts payable vouchers and post outgoing payments. | 2 |
| 21 | Verify that user groups are defined according to organizational requirements. | 2 |
| 22 | Verify that each client has the option "changes and transports for client-dependent objects" set to automatic recording of changes for configuration clients, and to no transports allowed for training and education clients. | 2 |
| 23 | Verify whether company codes are productive or not. | 2 |
| 24 | Verify which user IDs are able to perform: authorization to release tasks, authorization to release and export change requests, authorization to change owner for task, authorization to change owner for change request, authorization to add user to change request. | 2 |
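The password-parameter check in step 7 can be run against an exported profile, as in this added example (not part of the original checklist). It assumes the profile is available as `name = value` text lines; the sample profile is constructed, and `login/no_automatic_user_sapstar` is used as the full name of the parameter the checklist writes as `login/no_automatic_user_sap*`.

```python
import re

# name -> (default stated in the checklist or None, rule, expectation text)
CHECKS = {
    "login/password_expiration_time": (0, lambda v: v != 0, "must not be 0"),
    "login/min_password_lng": (None, lambda v: 4 <= v <= 6, "between 4 and 6"),
    "login/fails_to_session_end": (3, lambda v: 3 <= v <= 6, "between 3 and 6"),
    "login/fails_to_user_lock": (12, lambda v: v < 12, "less than 12"),
    # Assumption: full name of the checklist's login/no_automatic_user_sap*.
    "login/no_automatic_user_sapstar": (None, lambda v: v == 1, "must be 1"),
    "rdisp/gui_auto_logout": (0, lambda v: v != 0, "must not be 0"),
}
LINE = re.compile(r"^\s*([A-Za-z0-9_/]+)\s*=\s*(\S+)\s*$")

def parse_profile(text):
    """Parse 'name = value' lines; '#' starts a comment, last assignment wins."""
    params = {}
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0])
        if m:
            params[m.group(1)] = m.group(2)
    return params

def audit(text):
    """Return {parameter: (status, detail)}; status is PASS, FAIL or MISSING."""
    params, results = parse_profile(text), {}
    for name, (default, ok, expect) in CHECKS.items():
        raw = params.get(name)
        if raw is None and default is None:
            results[name] = ("MISSING", "not set, no default in the checklist")
            continue
        try:
            # An unset parameter is judged on the default the checklist states.
            value = int(raw) if raw is not None else default
        except ValueError:
            results[name] = ("FAIL", f"non-numeric value {raw!r}")
            continue
        source = "profile" if raw is not None else "default"
        results[name] = ("PASS" if ok(value) else "FAIL",
                         f"{value} ({source}), expected: {expect}")
    return results

SAMPLE_PROFILE = """\
# constructed sample, not taken from a real system
login/password_expiration_time = 30
login/min_password_lng = 8
login/fails_to_user_lock = 5
login/no_automatic_user_sapstar = 1
"""

if __name__ == "__main__":
    for name, (status, detail) in audit(SAMPLE_PROFILE).items():
        print(f"{status:8}{name}: {detail}")
```

Parameters absent from the profile are evaluated on the default the checklist gives, so an unset `rdisp/gui_auto_logout` is reported as a failure rather than silently skipped.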
B. REVIEW OF ADM DOCUMENTS (ADM940 - 8 DAYS, ADM950 - 6 DAYS, ADM960 - 9 DAYS)
DURATION: 15TH AUGUST 2016 TO 15TH SEPTEMBER 2016
30 DAYS FOR THE JOB TO BE COMPLETED (15TH SEPTEMBER)

C. SAP SECURITY EXAMS PREPARATION (3 WEEKS)
15TH SEPTEMBER TO 6TH OCTOBER

D. REMIND MANAGEMENT OF THE EXAM ON THE 23RD OF SEPTEMBER 2016

E. EXAM PROPOSED DATE IS 7TH OCTOBER.