SAP Security

Get an in-depth view of SAP security

This five-day course program will facilitate a deep dive into SAP security. A team of Dutch SAP Security experts will teach you the most important SAP Security basics and its implications. This will enable you to define and configure security settings and draft procedures that best fit your organization and/or perform security reviews and audits on SAP landscapes. The team will also update you on the value of (SAP GRC) monitoring and the upcoming implications of security in S/4HANA.

Course objectives

As we believe in ‘learning-by-doing’, the course offers – next to the technical basics - a lot of opportunity to discuss practical use, benefits, constraints and real-life examples. Many hands-on exercises are included to challenge you to put theory into practice. Deloitte has its own SAP, GRC and HANA sandbox environments which will be used for this purpose.


Course outline

The SAP Security course will cover the most important security settings for an SAP ERP system. You will be introduced to SAP basis security features, their implications and constraints, where they are implemented, and how they can be audited. The course will also address topics such as ‘hacking’ vulnerabilities, tooling and best practises.

Although the course will focus on SAP ERP (commonly also referred to as R/3 and ECC), these concepts likewise apply to all other ABAP based systems, such as CRM, SRM and BI.

The following topics will be addressed: 

  • The SAP Landscape
  • Access Path
  • Introduction to Security
  • Navigation
  • User Management
  • Authorization concept
  • Profile Generator
  • Logging
  • System Parameters
  • Transaction Security
  • Program Security
  • Table Security
  • Job Scheduling
  • Change Management
  • Interfaces
  • Use of tooling such as GRC for monitoring and the impact of S/4HANA and related security.


'Clear, complete and enough room for individual attention'

'Hands-on training was very useful to check the understanding'

'The strenghts of the course are: overall depth, hands-on sessions and the knowledge of the facilitators' 

Target group

  • Security managers
  • SAP application managers
  • SAP security professionals
  • IT auditors regularly dealing with SAP related security challenges and such.

Date & location

New dates will be released soon


The course will be given in English or Dutch, depending on the participants preferred language. The course material is in English.


The costs are € 2,500 ex VAT. Catering (lunch) and course materials are included in the price.

Permanent Education

Deloitte Academy is accredited by the NBA PE institution and has the NRTO label. This course qualifies for 30 PE hours. You can also register your PE-hours at the NOB or VRC.

For more information about our accreditation, we refer you to our Permanent Education page.


Until four weeks before the start of the course you may cancel your participation by email free of charge, or you may propose to attend on another date. Should you cancel within four weeks before the start of the course you will have to pay the full course fee.

In the event of insufficient participants we reserve the right to cancel the course at any time or move the date of the event. If so, you will be informed in due time.


Hans Peersman

Hans Peersman


I work for Deloitte Netherlands as a manager in SAP security, which is part of our Assurance services within Operational Risk. I joined Deloitte in January 2012 and I focus on SAP security advisory as... More