Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

Availability of the system audit, SAP security note 754273

Description

The system audit is part of the Audit Information System (AIS). Previously it was only availabe in the SAP software component SAP_APPL (Logistics and Accounting).
Availability is required in all SAP systems (for example, BW, CRM, SEM, and APO). This is achieved by moving the system audit to the SAP_BASIS SAP software component.

What is the Audit Information System (AIS)?

AIS is a tool designed for the internal auditor. It is made up of the AUDIT report tree and contains collection, structuring and default values of SAP standard programs. The approach is geared towards check standards and check requirements.

The AIS targets auditors from the following areas:

  • External audit
  • Tax check
  • Internal auditing/data protection
  • Controlling
  • System audit

Available fix and Supported packages

  • SAP_BASIS | 620 | 640
  • SAP_BASIS 640 | SAPKB64005 |
  • SAP_BASIS 620 | SAPKB62043 |
  • SAP_BASIS 620 | SAPKB62044 |
  • SAP_BASIS 640 | SAPKB64009 |

Affected component

    BC-SEC-AIS
    System Audit Information System

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/754273

TAGS

#AIS
#Audit-Information-System
#Audit-Info-System

Explore More

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.