Lock Inactive Users
AUTHORIZATIONS IN SAP SYSTEMS
The results of the evaluation are marked with a coloured symbol. Classification varies for the different eligibility tests. The EWA does not only contain security-related tests and is therefore divided into different sections (e.g. hardware, performance). The test results in these areas are displayed with a traffic light symbol. If one of the tests within a section is indicated in red, the traffic light for that section shall also be set in red.
Have you ever tried to manually track who among the users in your SAP system has critical authorizations? Depending on your level of knowledge and experience, this work can take a lot of time. If audits have also been announced, the pressure is particularly high. After all, it is difficult to fulfill all requirements regarding SAP authorizations manually.
Maintain permission values using trace evaluations
For each form of automated derivative of roles, you should first define an organisational matrix that maps the organisational requirements. To do this, you must provide data on each organisation in a structured form.
When displaying or posting receipts in SAP Finance, are the standard eligibility checks insufficient? Use document validation, BTEs, or BAdIs for additional permission checks. The posting of documents, and often their display, is protected by standard permission checks; but they may not meet your requirements.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
The website www.sap-corner.de offers many useful information about SAP basis.
Role changes are only customised! You will get a list that shows all the roles you need to edit.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
One or more persons can hold a role and thus have the access authorizations assigned to the role.