SAP: Security Control Objectives
- This is a system profile parameter monitoring control. SAP start-up profiles affect system behavior relating to security, protection and compliance, so the parameter settings need to be monitored to prevent a security breach. The objective of BSSCFPAR_001AC1 is to regularly monitor the system parameters set in the SAP profiles. This ensures that the profile parameters are updated to the most current SAP recommendations. The control also ensures that parameters are adjusted to match the activities currently performed on the system. Any unexpected profile parameter settings for the system will be reported.
- This is a database profile parameter monitoring control. Within the SAP start-up profiles, there are parameters that are database-dependent. Database performance and activities are affected by these parameters. It is important to monitor these parameter settings to prevent a breach in security. The objective of this control is nearly identical to that of BSSCFPAR_001AC1. The exception is that BSSCFPAR_001AC2 manages database profile parameters instead of system profile parameters. These parameters are monitored for the same reasons, and this control will also report any unexpected or inaccurate settings.
- This is a developer key monitoring control. Developer keys are necessary to repair, modify or create SAP objects. It is important to monitor the developer keys and have a list of those who have access to the software change keys to ensure the production environment is not changed in an undesirable manner. The objective of BSSCFSYS_001AC1 is to ensure that no production environment changes are made outside of the SAP standard transport channel and to restrict access to this environment. The control will report any developer keys that are present in the environment and any user who is able to make direct changes to SAP objects or create customized objects within the production environment.
- This is a system setting monitoring control. Certain objects should be defined within the production environment and protected from change. The system should be set in such a way that customization is possible for modification objects or client-created custom objects, but not for the critical objects. This is a factor in security breach prevention. The objective of BSTRNCFS_001AC1 is to maintain a list of system settings that are modifiable, along with any deficiencies. The control reports any system settings that have been modified within the production environment and any user who has access to modify those settings.
Control BSSCFPAR_001AC1
Control BSSCFPAR_001AC2
Control BSSCFSYS_001AC1
Control BSTRNCFS_002AC1
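
The following Python is an added example, not the control's own implementation or code from the original page. It illustrates the kind of check BSSCFPAR_001AC1 describes: reading a profile in `name = value` form and reporting settings that deviate from an expected baseline. The parameter names are SAP profile parameters that the page itself does not list, and the thresholds and the sample profile are constructed assumptions, not SAP's recommendations.

```python
# Constructed baseline for illustration: parameter -> predicate on its integer value.
# The thresholds are assumptions, not SAP's published recommendations.
BASELINE = {
    "login/min_password_lng": lambda v: v >= 8,
    "login/fails_to_user_lock": lambda v: 1 <= v <= 5,
    "login/no_automatic_user_sapstar": lambda v: v == 1,
    # 0 switches the idle logout off, so a plain "<= 3600" test would wrongly pass it.
    "rdisp/gui_auto_logout": lambda v: 0 < v <= 3600,
}

# Constructed sample in the "name = value" layout of an SAP profile file.
SAMPLE_PROFILE = """\
# DEFAULT.PFL (constructed sample)
SAPSYSTEMNAME = PRD
login/min_password_lng = 6
login/fails_to_user_lock = 5
rdisp/gui_auto_logout = 0
"""


def parse_profile(text):
    """Return {parameter: value}, skipping blank lines and # comments."""
    params = {}
    for line in text.splitlines():
        name, sep, value = line.strip().partition("=")
        if sep and not name.startswith("#"):
            params[name.strip()] = value.strip()
    return params


def audit(params, baseline=BASELINE):
    """Return sorted (parameter, status, actual) findings for baseline deviations."""
    findings = []
    for name, is_acceptable in baseline.items():
        raw = params.get(name)
        if raw is None:
            # Not in the profile: the effective value is a default this check cannot see.
            findings.append((name, "NOT_SET", None))
        elif not (raw.isdecimal() and is_acceptable(int(raw))):
            findings.append((name, "DEVIATION", raw))
    return sorted(findings)


if __name__ == "__main__":
    for name, status, actual in audit(parse_profile(SAMPLE_PROFILE)):
        print(f"{status:9} {name} = {actual}")
```

A parameter reported as `NOT_SET` still needs its effective value confirmed on the running system, because the profile file alone does not show the default in force.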