SAP Self-Assessment Level 1

1. Our SAP systems are “internal only”. Their exposure to outside attackers is low/zero.

2. If only the production system has critical data, it’s enough to secure only those production systems.

3. We have SAP security covered. We have a team/tool taking care of roles, profiles, SoD and GRC.