Show TOC Start of Content Area

Component documentation SAP Project and Portfolio Management Security Guide  Locate the document in its SAP Library structure


This guide is available in English only. It does not replace the daily operations handbook that we recommend customers create for their specific productive operations.

About this Guide

SAP Project and Portfolio Management comprises cProjects, cFolders, and xRPM, all of which are based on the SAP Web Application Server (SAP Web AS). You should therefore take the security information for the SAP Web AS into consideration. This guide only describes the security information that differs from it, as well as additional security information.

Related Security Guides



Most Relevant Sections or Specific Restrictions


SAP Security Guide


SAP Enterprise Portal

SAP Enterprise Portal Security Guide



Why Is Security Necessary?

With the increasing use of distributed systems and the Internet for managing business data, demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation on your system should not result in loss of information or processing time. These demands on security also apply to the SAP Project and Portfolio Management Security Guide. We provide this guide to assist you in securing SAP Project and Portfolio Management.

Target Groups

        Technical consultants

        System administrators

This document is not included as part of the Installation Guides, Configuration Guides, Technical Operation Manuals, or Upgrade Guides. Such guides are only relevant for a certain phase of the software life cycle, whereas the Security Guides provide information that is relevant for all time frames.

Important SAP Notes


Check regularly which SAP Notes are available about the security of the application.


SAP Note Number



Multi-Level Caching and Content Server Proxies


Trusted/Trusting Systems


Logging on to BSP Applications


Inactive Services in the Internet Communication Framework


End of Content Area