- follow the link
- SAP R/3 user ID SAP* and other system user id has been adequately secured.
- The production system has been set to productive.
- Access Restriction: SCC4 and SE06
- S_DEVELOP is secured
- Change management is secured and controlled
- Transport access to production is restricted
- Developer access in production
- Change critical number range is restricted
- Custom tables has authorization group
- Locking of sensitive systems transaction codes
- BDC user types should has only required access
- Run Program in the back ground
- Changes to critical SAP R/3 tables are logged
- Scheduling and Monitoring Batch jobs
- Access to run reports should be restricted.
- Critical and custom SAP R/3 tables are restricted.
If you feel I should add more email me firstname.lastname@example.org