Question:
We are working on being Sarbanes-Oxley Compliant and they are having issues with my security in Production. I am the BW administrator here.
How is everyone handling security for IT personnel in the Production environment of BW?
Do you have authority to reverse loads or perfrom dataloads?
_________________
Mitchell Lehr
BW - Share the love ><
Answer:
Mitchell
SAP BW as no offering for Sarbanes Oxley. I understand there are specific requirements for Sarbanes Oxley reporting the only vendor I know of offering this is Microsoft on top of SQL Server & Analysis Services they offer a Sarbanes Oxley reporting.
I do not understand what as Sarbanes Oxley to do with BW production authorisation. Anyhow BW is so flexible that it does not allow any changes to a cube so Sarbanes Oxley does not have any impact. But perhaps try a BW Operator role if you are so concerned which will allow only production support work.
I hope the issue is clear.
BW Guru
Answer:
I am not worried about reporting for Sarbanes-Oxley. What I am concerned with is authorization. Which functions truly come under a "support" role in BW Production environment?
The issue is primarily with the ability to reverse data loads, perform non-scheduled loads of data, etc. Is this considered part of an Operator's function in Production?
_________________
Mitchell Lehr
BW - Share the love ><
Answer:
I have looked at the SAP_BW_WHM_* roles for production and they don't contain anything about looking at the data itself or how to fix it when something goes wrong in a load - unless I am missing something.
_________________
Mitchell Lehr
BW - Share the love ><
Answer:
Give maintain access only to infopackage the rest is display that
should be easy to setup. I know BW authorisations are a bit wart
but it should not be a major issue.
BW Guru
Answer:
BW is not the system of record so why should it fall under sarbanes oxley.
More and more we are seeing that line vanishing.
Dont forget that now days we can write to bw thru transactional data targets. Dont forget the retractors which write back data to R3.