Due to the increased threat of cyber attack, existing security and governance strategies are simply no longer adequate to protect the interconnected SAP landscape. Organizations must change their approach to securing the SAP landscape and adopt a holistic SAP security and governance strategy that protects the entire SAP technology stack. This requires the ability to proactively identify SAP cyber security threats and implement a security and governance strategy to address evolving risk.
KPMG’s SAP Cyber security framework
As an organization, you want to know whether you have an adequate approach to SAP cyber security. At KPMG LLP (KPMG), we view SAP security through the lens of four key dimensions: SAP governance, configuration management, critical functions and technology stack. Together, these dimensions provide a framework for securing the SAP landscape from cyber attack. This integrated approach to securing the SAP landscape is based on the principle of “defense in depth”.
SAP governance
governance strategy
master data protection
third party risk
risk and compliance
SAP GRC
SAP configuration management
transport management
SAP patch and notes management
configuration management
code security and testing
SAP technology stack
SAP networking security
database and OS security
SAP communication protocols
logging and monitoring
SAP critical functions
user administration
password configuration
emergency access
access to sensitive TCodes
table maintenance
Learn more in our brochure about our approach to SAP cyber security and our four-step SAP cyber security assessment that can provide an in-depth review of your SAP landscape and your ability to protect your most important information assets against cyber attack.