THE "TOP SEVEN"
What to do when the auditor comes - Part 2: Authorizations and parameters
However, you can also use the proof of use in the authorization object maintenance to search for specific implementation sites. To do this, open the authorization object in the SU21 transaction. Open the proof of use via the button and a pop-up window appears for querying usage modes (for example, using the affected authorization object in programmes or classes). After making your selection in the Usage Proof, all of the affected implementations will be tabulated. Double-click to access the relevant code locations.
Many companies are currently converting their current SAP systems from an ERP state to an SAP S/4HANA system. Through this conversion, many technical and also organizational components come upon the respective companies. The time factor for determining, organizing and implementing the necessary components should not be underestimated. The area of security is often neglected in thought, but can lead to major problems and possibly image-related damage - and resulting financial losses - in retrospect. For this reason, the implementation of a comprehensive authorization concept should be considered as early as possible in the project phase, as several components are intertwined here.
SIVIS as a Service
The programmer of a functionality determines where, how or whether authorizations should be checked at all. In the program, the appropriate syntax is used to determine whether the user has sufficient authorization for a particular activity by comparing the field values specified in the program for the authorization object with the values contained in the authorizations of the user master record.
Authorization tools in the SAP GRC Suite ensure that every company can design a highly automated compliance management system that fits exactly. The majority of German companies with an SAP system do not yet use authorization tools. However, the use of SAP authorization tools is a great advantage for many companies. The extent to which the use of authorization tools makes sense depends on the size of a company.
"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.
The website www.sap-corner.de offers many useful information about SAP basis.
As in other systems, user maintenance and role/profile assignment must be restricted to the group of user administrators.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
On the one hand, sensitive company data must not fall into the wrong hands, but on the other hand, they also form an important basis for decisions and strategic company directions.