Expand +



Handling Keys to the SAP Kingdom

by Gary Byrne, Senior Editor, SAPinsider

April 29, 2011

In the Bible St. Peter was given the keys to the kingdom of heaven. Down here on earth, however, perhaps you’re St. Peter; that is, you hold SAP control keys in your hands. Perhaps you’re a developer who needs to register in the SAP Service Marketplace, but you don’t know the proper procedures to do so.

In his article titled Augment Your Controls Around Management of SAP Developer Keys, Anurag Barua, director of information technology at a global utility company, focuses on the requirements of the SAP Software Change Registration (SSCR) with regard to repository objects and developers. He explains how to augment controls to ensure that your system’s stability and software security are not compromised. In the article Barua states that “despite the considerable risk associated with providing technical personnel with developer keys, some organizations have inadequate controls in this area.” He then lists the following steps to help mitigate this risk:

  • No individual developer should have the authorization to directly register as a developer in the SAP Service Marketplace.
  • There should be a standard request form for requesting a developer key that needs to be approved by an appropriate authority.
  • An inventory of personnel with developer keys s hould be compiled, regularly maintained, and frequently reviewed.
  • Upon termination of service of personnel with a developer key, the key should be removed from the SAP Service Marketplace.

An email has been sent to:

More from SAPinsider


Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!