Nicht aus der Schweiz? Besuchen Sie lehmanns.de
SAP Security and Risk Management - Mario Linkies, Horst Karin

SAP Security and Risk Management

Buch | Hardcover
742 Seiten
2010
SAP Press (Verlag)
978-1-59229-355-1 (ISBN)
CHF 97,90 inkl. MwSt
  • Titel ist leider vergriffen;
    keine Neuauflage
  • Artikel merken
* Explains best practices for SAP system security * Offers examples and solutions for the implementation of security technologies in all SAP components * Contains new chapters on SAP NetWeaver, SAP BusinessObjects, GRC solutions, and much more The revised and expanded second edition of this best-selling book describes all requirements, basic principles, and best practices of security for an SAP system. You ll learn how to protect each SAP component internally and externally while also complying with legal requirements; furthermore, you ll learn how to master the interaction of these requirements to provide a holistic security and risk management solution. Using numerous examples and step-by-step instructions, this book will teach you the technical details of implementing security in SAP NetWeaver. Comprehensive Description Learn where and how you can secure processes or improve the security of existing SAP systems. This description includes both sample risk potentials with their possible effects, as well as the corresponding control measures. Tried and Tested Solutions Understand the proven methods of an SAP security strategy, as well as international guidelines and standards.
Step-by-step examples describe how to technically implement security solutions. Up-to-Date Information Explore new technologies, as well as SAP products and procedures, and learn how you can integrate them with your risk analysis. ERM Navigation Control Map Take advantage of the ERM Navigation Control Map, included as a supplement to the book, which presents the technical, process-oriented, organizational, and legal aspects of SAP components and security solutions. Highlights * Risk and Control Management, GRC, Enterprise Risk Management * SAP NetWeaver AS, Solution Manager, PI, Portal, MDM * SAP BusinessObjects, SAP NetWeaver BW * Web Services, Enterprise Services, and SOA * SAP ERP, HCM, CRM, SRM, SCM, SEM * Database Server, SAP Middleware, UIs * SOX, J-SOX, GoBS, IFRS, FDA, Basel II, REACh * ISO/IEC 27001, ISO/IEC 27002, CoBIT, ITIL, BSI

Mario Linkies is an entrepreneur and heads up the international advisory firm LINKIES. Management Consulting. As a business consultant for risk management and SAP access control, he has published several books in English, German, and Japanese. He also works as a poet, photographer, painter, and musician and is a member of the Supervisory Board of Public Performance GmbH and the Society for Contemporary Poetry Association in Leipzig. He has written hundreds of poems, short stories, and fables inspired by his travels in over 60 countries. Mario was born in 1963 in Leipzig and studied finance, banking, and foreign trade at Humboldt University in Berlin. In the summer of 1989, he left with thousands of other young people via Hungary and in 1994 emigrated to the Canadian province of Ontario. Today, he lives in Oakville, Canada and Leipzig, Germany. Dr. Horst Karin is a professional with over 12 years consulting experience in information security, risk management, controls and sustainable compliance. He is also advising in security strategy and technical integration of security solutions for SAP NetWeaver, BusinessObjects XI, access and identity management and Public Key Infrastructure. His exceptional experience is based on SAP and IT security projects with over 50 international clients, such as The Coca-Cola Company, Procter & Gamble, Eli Lilly and Company or The Royal Bank of Canada. Dr. Horst Karin is certified in SAP, as CISA, CISSP and in ITIL.

. Preface by Wolfgang Lassmann. 19

. Preface by Monika Egle. 21

. Preface by Jose Estrada. 23

. Introduction. 25

PART I. Basic Principles of Risk Management and IT Security. 31

1. Risk and Control Management. 33

. 1.1. Security Objectives. 34

. 1.2. Company Assets. 36

. 1.3. Risks. 40

. 1.4. Controls. 45

2. Enterprise Risk Management Strategy. 49

. 2.1. Status Quo. 51

. 2.2. Components. 52

. 2.3. Best Practices of an SAP Security Strategy. 60

3. Requirements. 79

. 3.1. Legal Requirements. 79

. 3.2. Industry-Specific Requirements. 93

. 3.3. Internal Requirements. 99

4. Security Standards. 101

. 4.1. International Security Standards. 102

. 4.2. Country-Specific Security Standards. 116

5. IT Security. 127

. 5.1. Cryptography. 127

. 5.2. Public Key Infrastructure. 137

. 5.3. Authentication Procedures. 140

. 5.4. Basic Principles of Networks and Security Aspects. 144

PART II. Security in SAP NetWeaver and Application Security. 153

6. Enterprise Risk Management (ERM) Navigation Control Map. 155

. 6.1. SAP Applications. 163

. 6.2. SAP NetWeaver Components. 165

. 6.3. Security Technologies. 167

. 6.4. Influencing Factors. 173

7. Web Services, Enterprise Services, and Service-Oriented Architectures. 175

. 7.1. Introduction and Technical Principles. 177

. 7.2. Security Criteria for Web Services. 181

. 7.3. Service-Oriented Architectures and Governance. 193

8. GRC Solutions in SAP BusinessObjects. 197

. 8.1. Introduction and Functions. 197

. 8.2. SAP BusinessObjects RM. 205

. 8.3. SAP BusinessObjects Access Control. 214

. 8.4. SAP BusinessObjects Process Control. 229

. 8.5. SAP BusinessObjects Global Trade Services (GTS). 238

. 8.6. SAP Environment, Health, and Safety (EHS) Management. 248

. 8.7. SAP BusinessObjects Sustainability Performance Management. 255

9. SAP NetWeaver Application Server. 257

. 9.1. Introduction and Functions. 257

. 9.2. Risks and Controls. 260

. 9.3. Application Security. 269

. 9.4. Technical Security. 287

10. SAP NetWeaver Business Warehouse. 309

. 10.1. Introduction and Functions. 309

. 10.2. Risks and Controls. 310

. 10.3. Application Security. 313

. 10.4. Technical Security. 323

11. BI Solutions in SAP BusinessObjects. 325

. 11.1. Introduction and Functions. 326

. 11.2. Risks and Controls. 327

. 11.3. Application Security. 332

. 11.4. Technical Security. 344

12. SAP NetWeaver Process Integration. 347

. 12.1. Introduction and Functions. 348

. 12.2. Risks and Controls. 350

. 12.3. Application Security. 357

. 12.4. Technical Security. 361

13. SAP Partner Connectivity Kit. 383

. 13.1. Introduction and Functions. 383

. 13.2. Risks and Controls. 384

. 13.3. Application Security. 388

. 13.4. Technical Security. 388

14. Classic SAP Middleware. 391

. 14.1. SAP Web Dispatcher. 391

. 14.2. SAProuter. 403

. 14.3. SAP Internet Transaction Server (ITS). 407

15. SAP NetWeaver Master Data Management. 423

. 15.1. Introduction and Functions. 423

. 15.2. Risks and Controls. 424

. 15.3. Application Security. 429

. 15.4. Technical Security. 436

16. SAP NetWeaver Portal. 439

. 16.1. Introduction and Functions. 439

. 16.2. Risks and Controls. 447

. 16.3. Application Security. 456

. 16.4. Technical Security. 481

17. SAP NetWeaver Mobile. 505

. 17.1. Introduction and Functions. 505

. 17.2. Risks and Controls. 508

. 17.3. Application Security. 515

. 17.4. Technical Security. 520

18. SAP Auto-ID Infrastructure. 527

. 18.1. Introduction and Functions. 527

. 18.2. Risks and Controls. 529

. 18.3. Application Security. 533

. 18.4. Technical Security. 535

19. SAP Solution Manager. 537

. 19.1. Introduction and Functions. 537

. 19.2. Risks and Controls. 540

. 19.3. Application Security. 544

. 19.4. Technical Security. 550

20. Authorizations in SAP ERP. 555

. 20.1. Introduction and Functions. 555

. 20.2. Risks and Controls. 556

. 20.3. Application Security. 563

. 20.4. Technical Security. 597

21. SAP ERP Human Capital Management and Data Protection. 599

. 21.1. Introduction and Functions. 599

. 21.2. Risks and Controls. 602

. 21.3. Application Security. 609

. 21.4. Technical Security. 617

22. SAP Strategic Enterprise Management. 619

. 22.1. Introduction and Functions. 619

. 22.2. Risks and Controls. 620

. 22.3. Application Security. 622

. 22.4. Technical Security. 623

23. SAP Customer Relationship Management. 625

. 23.1. Introduction and Functions. 625

. 23.2. Risks and Controls. 626

. 23.3. Application Security. 628

. 23.4. Technical Security. 636

24. SAP Supply Chain Management. 639

. 24.1. Introduction and Functions. 639

. 24.2. Risks and Controls. 640

. 24.3. Application Security. 641

. 24.4. Technical Security. 644

25. SAP Supplier Relationship Management. 647

. 25.1. Introduction and Functions. 647

. 25.2. Risks and Controls. 649

. 25.3. Application Security. 651

. 25.4. Technical Security. 664

26. Industry-Specific SAP Solution Portfolios. 667

. 26.1. Introduction and Functions. 668

. 26.2. Risks and Controls. 668

. 26.3. Application Security. 671

. 26.4. Technical Security. 675

27. Database Server. 677

. 27.1. Introduction and Functions. 677

. 27.2. Risks and Controls. 678

. 27.3. Application Security. 681

. 27.4. Technical Security. 683

28. User Interfaces. 689

. 28.1. SAP GUI. 689

. 28.2. Web Browser. 701

. 28.3. Mobile Devices. 706

. Appendices. 717

. A. Bibliography. 717

. B. The Authors. 719

Index. 721

Reihe/Serie SAP PRESS Englisch
Verlagsort Maryland
Sprache englisch
Maße 175 x 228 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Weitere Themen SAP
Schlagworte Berechtigung (EDV) • IT-Sicherheit • SAP NetWeaver
ISBN-10 1-59229-355-7 / 1592293557
ISBN-13 978-1-59229-355-1 / 9781592293551
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich