Securing Production Operation

You can take different measures to secure operation of your production systems.

Setting System Change Options

You must define which changes are allowed in each of the individual systems that you have in your system landscape. Use the Transport Organizer tools (transaction SE03) to manage these settings.

We recommend that you set the system change options based on the system role as specified in the table below:

| System Role | System Change Option |
| --- | --- |
| Production system | Set Repository and Client-Independent Customizing to Not modifiable. In this setting, no objects can be changed. |
| Quality assurance system | Use the same settings as for the production system. |
| Development system | Set Repository and Client-Independent Customizing to Modifiable. In this setting, objects can be changed according to the specific settings for each namespace. Define to what extent changes are allowed for the namespaces in which you develop. Only set those namespaces to Modifiable in which development takes place or in which corrections are performed. |

For more information, see Setting the System Change Option.

Using the TMS Quality Assurance Approval Procedure

For ABAP transports, you can use the TMS Quality Assurance approval procedure to make sure that only approved requests are transported into your production system. You can configure the approval steps that need to be processed before transport requests are transported depending on your security requirements.

For more information, see TMS Quality Assurance.

Preventing the Transport of Security-Critical Objects

There are certain security-critical objects in SAP systems that should not be changed and should therefore not be imported into certain systems.

You can protect these objects from being changed by imports by defining a set of security-critical objects for all systems in the transport domain. If changes to these objects are contained in transport requests, the system blocks the import of these requests in the target system.

For more information about how to define security-critical objects, see Defining Transport Objects as Critical.

Emergency Changes in the Production System

Generally, users should not have programming, debugging with replace, or transport authorizations in your production system. As previously mentioned, changes should be made in a single system only, namely the development system. We recommend that you have a process to transport emergency changes through the landscape. For example, Change Request Management in SAP Solution Manager offers a process for emergency changes.

Caution

If you do have to make emergency changes in the production system, define a change procedure where you have supervised control over what happens. Give a single user temporary authorizations for the ABAP Development Workbench (transaction SE80) and make sure that someone approves these changes. Once the user has made the changes, remove the authorization.
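The following is an added example, not SAP code and not an SAP log format: a small audit of the emergency-change procedure above (single user, approved, temporary, removed afterwards), run over constructed grant and revoke records. The record layout, the user names, and the 8-hour limit are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample records (assumed layout, not an SAP log format):
# (timestamp, action, user, approver)
EVENTS = [
    ("2024-03-01T09:00", "GRANT", "DEV_A", "MGR_1"),
    ("2024-03-01T11:30", "REVOKE", "DEV_A", "MGR_1"),
    ("2024-03-04T14:00", "GRANT", "DEV_B", ""),        # nobody approved
    ("2024-03-04T15:00", "GRANT", "DEV_C", "DEV_C"),   # self-approved, overlaps DEV_B
    ("2024-03-04T16:00", "REVOKE", "DEV_C", "MGR_1"),
]                                                      # DEV_B is never revoked

MAX_WINDOW = timedelta(hours=8)  # assumed policy limit for temporary access


def audit(events, now, max_window=MAX_WINDOW):
    """Return (user, finding) pairs for deviations from the procedure."""
    findings = []
    open_grants = {}  # user -> time the temporary authorization was granted
    for ts, action, user, approver in sorted(events):
        when = datetime.fromisoformat(ts)
        if action == "GRANT":
            if not approver:
                findings.append((user, "no approver recorded"))
            elif approver == user:
                findings.append((user, "self-approved"))
            if any(other != user for other in open_grants):
                findings.append((user, "granted while another user holds access"))
            open_grants.setdefault(user, when)
        elif action == "REVOKE":
            start = open_grants.pop(user, None)
            if start is None:
                findings.append((user, "revoke without matching grant"))
            elif when - start > max_window:
                findings.append((user, "held longer than allowed window"))
    # Anything still open past the window was never cleaned up.
    for user, start in open_grants.items():
        if now - start > max_window:
            findings.append((user, "not revoked within window"))
    return findings


if __name__ == "__main__":
    for user, finding in audit(EVENTS, datetime(2024, 3, 5, 9, 0)):
        print(f"{user}: {finding}")
```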