<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2800.1515" name=GENERATOR>
<STYLE>@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in 1.25in; }
P.MsoNormal {
FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
LI.MsoNormal {
FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
DIV.MsoNormal {
FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
A:link {
COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
COLOR: windowtext; FONT-FAMILY: Arial
}
DIV.Section1 {
page: Section1
}
</STYLE>
</HEAD>
<BODY lang=EN-US vLink=purple link=blue>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2>Hmmm... ok folks so this is purely my personal opinion,
but....</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2>This sounds like the classic trade-off between security and
functionality, </FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2>i.e. no one has access = totally secure = totally
useless. </FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=704561607-16092005><FONT face=Arial
color=#0000ff size=2>Auditor in need of re-educating. </FONT></SPAN></DIV><!-- Converted from text/rtf format -->
<P><SPAN lang=en-us><FONT face=Arial size=1>Regards,</FONT></SPAN> <BR><SPAN
lang=en-us><B><FONT face=Arial color=#000080 size=1>Jocelyn
Dart</FONT></B></SPAN> <BR><SPAN lang=en-us><FONT face=Arial color=#808080
size=1>Senior Consultant</FONT></SPAN> <BR><SPAN lang=en-us><B><FONT face=Arial
color=#808080 size=1>SAP Australia Pty Ltd.</FONT></B></SPAN> <BR><SPAN
lang=en-us><FONT face=Arial color=#808080 size=1>Level 1/168 Walker
St.</FONT></SPAN> <BR><SPAN lang=en-us><FONT face=Arial color=#808080
size=1>North Sydney </FONT></SPAN><BR><SPAN lang=en-us><FONT face=Arial
color=#808080 size=1>NSW, 2060</FONT></SPAN> <BR><SPAN lang=en-us><FONT
face=Arial color=#808080 size=1>Australia</FONT></SPAN> <BR><SPAN
lang=en-us><FONT face=Arial color=#808080 size=1>T +61 412 390
267</FONT></SPAN> <BR><SPAN lang=en-us><FONT face=Arial color=#808080
size=1>M + 61 412 390 267</FONT></SPAN> <BR><SPAN lang=en-us><FONT
face=Arial color=#808080 size=1>E jocelyn.dart@sap.com</FONT></SPAN>
<BR><SPAN lang=en-us><FONT face=Arial color=#808080 size=1><A
href="http://www.sap.com/">http://www.sap.com</A></FONT></SPAN> </P>
<P><SPAN lang=en-au><FONT face="Times New Roman" color=#ff0000 size=1>The
information contained in or attached to this electronic transmission is
confidential and may be legally privileged. It is intended only for the person
or entity to which it is addressed. If you are not the intended recipient, you
are hereby notified that any distribution, copying, review, retransmission,
dissemination or other use of this electronic transmission or the information
contained in it is strictly prohibited. If you have received this electronic
transmission in error, please immediately contact the sender to arrange for the
return of the original documents. </FONT></SPAN></P>
<P><SPAN lang=en-au><FONT face="Times New Roman" color=#ff0000 size=1>Electronic
transmission cannot be guaranteed to be secure and accordingly, the sender does
not accept liability for any such data corruption, interception, unauthorized
amendment, viruses, delays or the consequences thereof.</FONT></SPAN></P>
<P><SPAN lang=en-au><FONT face="Times New Roman" color=#ff0000 size=1>Any views
expressed in this electronic transmission are those of the individual sender,
except where the message states otherwise and the sender is authorized to state
them to be the views of SAP AG or any of its subsidiaries. SAP AG, its
subsidiaries, and their directors, officers and employees make no representation
nor accept any liability for the accuracy or completeness of the views or
information contained herein. Please be aware that the furnishing of any pricing
information/ business proposal herein is indicative only, is subject to change
and shall not be construed as an offer or as constituting a binding agreement on
the part of SAP AG or any of its subsidiaries to enter into any relationship,
unless otherwise expressly stated. </FONT></SPAN></P>
<DIV> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> sap-wug-bounces@mit.edu
[mailto:sap-wug-bounces@mit.edu] <B>On Behalf Of </B>Martinek,
Jerry<BR><B>Sent:</B> Friday, 16 September 2005 2:52 AM<BR><B>To:</B>
sap-wug@mit.edu<BR><B>Subject:</B> Authorizations For SWO1 - Delegation
Execution<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV class=Section1>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Hi,</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">I’m interested in finding out how
other SAP clients are dealing with this scenario/issue. </SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Our security group removed the
authorization object S_TABU_CLI from all of our roles in all of our SAP systems
(development and production) due to a perceived security risk. The external
auditor who reviewed the SAP authorizations mentioned that this authorization
object poses a risk so our security group removed it from all SAP
environments.</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">This decision basically removes our
ability to execute SAP functionality that updates cross client
tables.</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">The immediate impact to me is that I
can’t execute the ‘DELEGATION’ function in SWO1 because you need to have the
S_TABI_CLI authorization object in your role. Now I need to request a temporary
authorization change in order to complete the delegation function.
</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Is this the norm or was it just a
bad auditor?</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Thanks,</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Jerry Martinek
</SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"></SPAN></FONT> </P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN lang=EN-CA
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </SPAN></FONT></P></DIV></BODY></HTML>