Hi Kévin,
My Basis & Security team went through a similar exercise earlier this year. Some of the SAP Notes that were useful for us when we completed our comprehensive audit were:
1686632 - Positive lists for RFC callback
1968729 - SAL: Message definition for RFC callback
2002096 - Wrong originally called function in RFC callback check
2058946 - Maintenance of callback positive lists before Release 7.31
I hope this helps! I can share with you our experience gained from our audit. We found many dead RFCs, many using incorrect accounts, and many pointing to IPs instead of FQDNs. Upon completion, our SAP environment is in a much better place.
-Pete