SAP Authorizations Detect critical base permissions that should not be in application roles - SAP Basis

Direkt zum Seiteninhalt
Detect critical base permissions that should not be in application roles
SAP S/4HANA: Analysis and simple adjustment of your authorizations
Historically grown authorization structures can be found especially in system landscapes that have been in operation for a long time. Instead of small, modular, job-specific roles, existing roles are continually expanded and assigned to different employees in different departments. While this leads to less administrative work in the short term, it causes the complexity of the role to increase massively over time. As a result, the efficiency of authorization development is increasingly lost.

Are you sure that your compliance is always ensured when using your SAP system? Would you like to make SAP authorization assignment clearer and reduce the manual workload? Our SAP add-on apm creates simplified processes and thus more transparency in your existing SAP authorization management. Reduce administrative effort and ensure clarity in your compliance solution.
Ensuring secure administration
Careful preparation is a prerequisite for a successful authorisation check. A functional specification must be created for all customer-specific functionalities. This forces us to think about what the actual requirements of the application are and then describe the possible implementation. In doing so, security-related aspects, such as eligibility testing and allocation, must be taken into account. Define what you can do with this programme and also what you cannot do explicitly! In the case of a permission check, not only the activity to be performed, such as reading, changing, creating, etc. , can be checked. You can also restrict access to records by using specific criteria, such as field content or organisational separators.

You can also find some useful tips from practice on the subject of SAP authorizations on the page www.sap-corner.de.

When were which changes made to a role (PFCG)? In the PFCG, click on Utilities > View Changes in the menu at the top to view the change documents. You will see a detailed list of which user made which change to which object and when.

"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.

Which authorization data does a role have (PFCG)? Again, start the transaction PFCG and display a role.

The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.

Call the SIMGH transaction and create your own IMG structure, such as company name Customising.
SAP BASIS
Zurück zum Seiteninhalt