Professional Documents
Culture Documents
Category 1 General 2 General 3 General 4 General 5 General 6 Access to Programs and Data 7 Access to Programs and Data 8 Access to Programs and Data 9 Access to Programs and Data
15 Access to Programs and Data 16 Access to Programs and Data 17 Access to Programs and Data 18 Access to Programs and Data
21 Program Changes
22 Program Changes
23 Program Changes
24 IT Operations
25 IT Operations
26 IT Operations
27 IT Operations
28 IT Operations 29 IT Operations
30 IT Operations
Document Current IT Organization Chart Most current list of all active employees, their titles, department and hire date. We would prefer to have a softcopy version of this document. List of all active consultants/contractors, including start date and manager. We would prefer to have a softcopy version of this document. List of terminated employees from 01 April 2013 through to present (including their termination date). We would prefer to have a softcopy version of this document. List of new hires from 01 April 2013 present (including their hire date). We would prefer to have a softcopy version of this document. Information Security Policy/ ISMS Manual (if any) Screenshot for the availability of Information Security Policy/ ISMS Manual on the intranet (if any) Copy of the Information Security Awareness training (if any) System generated list of users granted access to data centers (hosting in scope applications) from 01 April 2013 till date.
System generated list of users having access to data centers (hosting in scope applications). System generated report from in scope applications for list of user accounts created during the year from 01 April 2013 till date. System generated report from Domain controller for list of users to whom access was granted from 01 April 2013 till date.
System generated list of users for whom access from in-scope applications was revoked during the year from 01 April 2013 till date.
Active users list for in scope applications along with roles granted.
Password policy configured on in scope applications and the domain controller. Report from SAP for configurations in RSPARAM. Extract of USR40 table from SAP. Report from SAP for configurations in RSUSR003. System generated list of users who have super user access (eg. SAP_ALL, Root Access) to the Applications in scope, their underlying database and the operating systems. Leeboy's Change Management policies and procedures. System generated list of all program changes (including emergency changes) made to the production environment for the in-scope applications from 01 April 2013 to present.
Screenshot of SAP Transport Route. Screenshot of Client configurations for Production, Development and Test environments for applications in scope.
System generated access list to t_codes SE01, SE06, SCC4, STMS users in SAP. Job Scheduling policies and procedures addressing processing requirements & instructions, error & recovery instructions, turnover, etc.
System generated list of current production jobs scheduled for the in scope applications. System generated access list (or screen shot) of personnel with administrative access to update, modify or delete job schedule within the inscope applications and/or job schedulers. Leeboys's Back-Up and Restoration policies and procedures addressing back-up requirements for in-scope applications, recover requirements and data retention periods). Leeboys' Incident Management Policy.
Proof File
Comments/ Clarifications