This definition was last updated in June 2014
Patches
For the SAP basis and its employees, the change in self-understanding results in an attractive, responsible and demanding working environment. Technological diversity can be controlled and kept to the minimum necessary. This includes an overview of the existing interfaces and a controllable data flow with the associated guarantee of data security.
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
Migration of SAP systems to HANA DB
In order to solve the challenges, it is necessary to develop a suitable catalogue of criteria to evaluate the feasibility or suitability of certain applications for certain service forms. The service catalogue must be structured in such a way that the criteria, which cannot be answered clearly, can be identified and subjected to continuous consideration. The catalogue of criteria cannot generally provide a 100% decision, but only a decision aid and an absolute must-criteria.
The website www.sap-corner.de offers many useful information about SAP basis.
Of course, the SAP consultant remains in the foreground as a person and is the figurehead for our services. However, where it makes sense, they are supported by customized tools.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP basis.
Details and a guide to installing the tool can be found here: instguides → SAP NetWeaver → Released 04 → Installation → Cross-NW → Installation Guide Search and Classification TREX.
Permissions beyond the daily task spectrum are granted only for limited periods and under control.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.