Hello Sunday,
These could be the keys;
Audit or Security of hardware, OS and DB are also important for audit. You must take care of these.
I will give some key points for SAP layer.
These are taken from EWA reports security sections (You can check one of EWA report how to obtain these users)
* Super User Accounts SAP_ALL
* Users Authorized to Change all Tables
* Users Authorized to Start all Reports
* Users Authorized to Debug / Replace
* Users Authorized to Display Other Users Spool Request
* Users Authorized to Administer RFC Connections
* Users Authorized to Reset/Change User Passwords
Also check;
* Users Authorized to create or change users
* Users Authorized to change client settings and system change option
* Users Authorized to create, change, delete, assign roles and profiles
* Users Authorized to import, create requests
* Users Authorized to change RFC connections
* Users Authorized to administor background processing
* Users Authorized to change profiles
Regards,
Yuksel AKCINAR