SAP
Critical Transactions
|
TCode
|
Risk Description
|
|
CA87
|
Mass Replace Work Center
|
|
CAT6
|
Human Resources
|
|
CL04
|
Delete Class
|
|
F.34
|
Credit Limit Mass Changes
|
|
F.80
|
Mass Reversal of Documents
|
|
F044
|
Vendor Archiving
|
|
FI12
|
Change House Banks/Bank Accounts
|
|
IP30
|
Run Date Monitoring
|
|
LN08
|
Number range maint.: LVS_LENUM
|
|
MMPV
|
Close Periods
|
|
MMRV
|
Allow Posting to previous Period
|
|
PA20
|
Display HR Master Data
|
|
PA30
|
Maintain HR Master Data
|
|
PA70
|
Fast Entry
|
|
PA97
|
Compensation Administration - Matrix
|
|
PFCG
|
Role Maintenance - System integrity, stability at risk
|
|
RZ04
|
Maintain SAP Instances
|
|
SA38
|
ABAP Reporting -Can run programs not protected appropriately
|
|
SARA
|
Archiving Management - Should be restricted to Archive Admin
|
|
SCC1
|
Client Copy - Special Selections
|
|
SCC4
|
Client Admin. - System stability & integrity at risk
|
|
SCC5
|
Delete Client - System stability at risk
|
|
SCC6
|
Client Import - System stability & integrity at risk
|
|
SCC9
|
Remote Client Copy - System stability & integrity at risk
|
|
SCCL
|
Local Client Copy - System stability & integrity at risk
|
|
SE01
|
Transport Organizer - System stability & integrity at risk
|
|
SE11
|
Data Dictionary Maint. - System stabiltiy & integrity at
ris
|
|
SE13
|
Maintain tech tables settings - System stabilitiy at risk.
|
|
SE16
|
Data Browser - Exposure to confidential information
|
|
SE37
|
Function Builder
|
|
SE38
|
ABAP Editor - System stabiltiy & integrity at risk
|
|
SM01
|
Lock Transactions - System stabiltiy at risk
|
|
SM02
|
System Messages - Should be restricted to System Admins only
|
|
SM30
|
Table Maintenance - System integrity & stability at risk
|
|
SM49
|
Execute OS commands - System stability at risk
|
|
SM50
|
Work Process overview - System stability at risk
|
|
SU01
|
User Maintenance - Should be restricted to User Admins only
|
|
SU02
|
Profile Maintenance - System stability and integrity at risk
|
|
SU03
|
Maintain Authorizations
|
|
SU05
|
Maintain Internet user
|
|
SU10
|
User Mass Maint - System stabilty at a very high risk
|
|
SU20
|
Authorization Object fields
|
|
SU21
|
Authorization Objects
|
|
SU24
|
Maintain Assignment of Authorization Objects
|
|
SU25
|
Profile Generator Upgrade and First Installation
|
