Useful facts about access control for SAP tables in data extraction.
zapAudit accesses about 120 SAP tables
You can download the data scope from here (PDF) or (xlsx) or in the software (see screenshot). The specific listing contains all SAP tables and accessed fields. It will also show if a field is pseudonymized during data extraction.
zapAudit only requires read permissions
zapAudit does not alter any of your SAP system data. No writing or editing permissions are required. You can read this guide to configure your SAP user. You can control the access by setting up the SAP logging for that user.
Personal data is auto-pseudonymized
When data is downloaded from an SAP system, zapAudit automatically pseudonymizes personal data. This personal data is pseudonymized before being stored in the zapAudit database and is never stored in plaintext.