• The “SAP Certified Technology Associate -Authorization and Auditing Certification” certification exam verifies that the candidate has the requisite knowledge in the area of ABAP AS authorization concepts and SAP security system management. This certificate proves that the candidate has a basic and overall understanding within the consultant profile of SAP security concepts and can put this knowledge into practice as a member of a project team.

Topic Areas

Please see below the list of topics that may be covered within this certification and the courses that cover them. Its accuracy does not constitute a legitimate claim; SAP reserves the right to update the exam content (topics, items, weighting) at any time.

Configure Authorization Environment> 12%


Use the basic settings for role maintenance. Explain how to upgrade role maintenance and define customer values of role maintenance, password rule parameters and system Customizing options. Describe how to protect special users.


Advanced User Administration8% – 12%


Explain the concept of Central User Administration, GRC 10.0 and SAP NetWeaver Identity Management.


Users and Authorization Audit8% – 12%


Explain the creation of authorization and customizing of the role maintenance tool in SAP solutions. Describe how to examine and verify critical authorizations.


Security Assessment8% – 12%


Use the SAP Security Optimization Self-Service, SAP security notes and SAP Solution Manager to secure systems.


Secure Infrastructure8% – 12%


Explain Networking Terms, SNC, SSL and describe how to configure SAP NetWeaver SSO.


Basic Role Maintenance8% – 12%


Define a role and authorization in a role. Understand how to customize roles and explain composite, reference and derived roles.


Key Capabilities of SAP NetWeaver< 8%


Explain SAP NetWeaver key capabilities and describe the SAP NetWeaver Application Server Architecture. Plan the system architecture containing different SAP NetWeaver Application Servers.


Customize and Usage of AIS< 8%


Describe and explain the Audit Information System and how to set up and use the Audit Information System.


System Audit< 8%


Explain the Security Audit Log. Check the Customization for the Security Audit Log. Secure background services, spool and other administration services.


User Maintenance< 8%


Describe how to maintain user master records, including values on tab pages; implement mass maintenance.


Authorization Concepts for Identity Management< 8%


Design and implement an authorization concept for an AS ABAP-based system.


Advanced Role Maintenance< 8%


Describe and define role maintenance in the PFCG and authorization for system users.