Hi,
We have had a request to restrict salary related information in our TST environment. At this point we don't have a third party tool to scramble data in this system. Basis, Developers and the Security team therefore have broad access in this system and since TST is refreshed with PRD data anyone in these teams are able to view this info.
I have so far identified with assistance from our HR dept that the following should be restricted:
- IT 0008 - Basic Pay
- IT 9705 - Additional COE Remuneration Info
- Tables PA0008 & PA9705
- Txns SU01 - SU03 and PFCG (the above access can be re-assigned if the user has this access) Of course this can't be removed from the security team, monitoring should perhaps be put in place to mitigate this risk.
I am sure there are other ways in which this data can be accessed, can you help identify what I have missed?
Many thanks,
Jaynick