Answer Posted / aichik_am

SoX - refer to Sarbanes OXley act in the earlier 2000+-.
Where it impact all US companies either they operated in US
or outside (on other countries). Some people think this act
is significant, after fall down of big companies such as
Enron etc..

SoD - refer to Segregation of Duties. Basically one person
cannot have access to the whole process. The task need to be
segregated so that there is check and balance.

VIRSA - is one of third party tools used to check for SoX
compliance in a company. Other then this, there are also
other product such as APPROVA and SecurInfo. Nowadays VIRSA
have been brougt by SAP, and rebrand it as GRC (Governance,
Risk and Control).

You wan to transport user groups from transaction sugr? Would this impact the groups tab in su01? What would you do?

1206

---

What is sap internet transaction server?

1187

---

What are some ap security t codes?

1177

---

Hi Experts, can any one let me know the Tables which we use for compliance calibrator & Access enforcer of grc and please let me know the background jobs of grc, Please it's urgent so please answer as soon as possible to these questions , I really appreciate your help, Thanks karunakar

2294

---

what are the pre-requisites that should be taken before assigning sap_all to a user even there is an approval from authorization controllers?

1076

---

1) Explain different type of Users? Explain specifically Service User? 2) Difference between System and Communication User?Explain in Context of Profile Parameter? 3) There are 5 systems say BI, SOLMAN, CRM, PI, SRM etc etc. Which system will act as a satellite system in CUA and Why? HOw CUa system works? 4) State different types of Transactions & Tables in Strutural Authorization Profile in HR Security? 5) What is L0 , L1 , L2 , L3 , L4 code called in HR Security? 6) What fields are required to create Strutural Authorization Profile in HR Security? State significance of Evaluation Path? 7) What is Structural Authorization Profile in HR Security? When required Role has already been assigned to User then why Structural Authorization Profile is required by user? 8) How are structural Authorization Profile are created? 9) Important Authorization Object in HR Security? 10) Fields in P_ORGIN A.O? 11) Important infotypes and What is PA? 12) How access is provided for tables to user? Significance of Authorization Group in TDDAT table? 13) Difference between SU22 and SU24? 14) Explain Authorization Structure? 15) Which table stores the Authorization Object of a User? 16) What we do to keep Roles consistent in DEV QAS and PRD? 17) A User has create and display access? Will he have access to change as well? 18) How User can have access to view salary slip of other employees(HR Security)?Explain in detail. 19) In HR security does we add Employee ID anywhere in Roles? 20) Any issue you have faced while Transport? 21) Have you faced any issue in Upgrade? Expalain how to compare Roles from older version of SAP to new version of SAP? 22) Any typical issue you have resolved in HR Security?

5060

---

Which t-code can be used to delete old security audit logs?

1490

---

What is use of derived roles?

1251

---

What is the Functionality difference between ECC 5 and ECC6? i.e. new functionality in ECC6 which is not in ECC 5.

4467

---

Explain protecting public keys?

1277

---

When would you update a sap table directly? What precautions would you taje?

1220

---

What authorization is required to create and maintain user master records?

1108

---

Userdone tasks with ffid n system send log reports to controller in his work inbox but whenever its open its showing blank screen, why?

2166

---

Why is it important to delete sap-new profile? What steps will you take to do this?

1136

---

Can you anybody tell me what are the questions frequently asked 3 years of SAP Security experienced level in INFOSYS company.

1145

---