Audit Information System Cockpit
Alternatively, you can maintain this information from the SE93 transaction by selecting a transaction first. You will then be presented with the list of all transactions that can be called from this transaction by using the Tools > Called Transaction Permission menu path. The implementation of SAP Note 1870622 provides a feature enhancement for the SE97 transaction. Among other things, there is the new button Modification Synchronisation. So far, changes in the SE97 transaction have been overwritten by inserting support packages or upgrades. With the modification comparison it is now possible to match your changes with the default values.
After these preparations, we now proceed to the expression of the User-Exit in the validation that has just been created. To do this, you copy the User-Exit definition in the created custom programme, specify a name for the User-Exit definition (e.g. UGALI) and create a new text element.
Security within the development system
You want to document internal system revisions and authorisation monitoring? The new cockpit of the Audit Information System offers you some practical functions. There are several legal requirements that require a regular audit of your SAP system. As a general rule, there are internal and external auditors who carry out such audits. In addition, user and permission management can set up their own monitoring of permissions to avoid unpleasant surprises during audits. Auditor documentation is often standardised in the case of external auditors; for the internal audit or your own monitoring, however, in many cases a suitable documentation is missing. In spite of automated evaluations, external auditors often also demand an activation of the Audit Information System (AIS). We will show you how to activate the AIS and take advantage of the new AIS cockpit.
Assigning clear authorizations to employees is not a sign of mistrust, but offers a high level of protection - both for the company and for the employees themselves. By assigning SAP authorizations on a role-specific basis, each employee is given access to the system according to his or her task.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
Furthermore, these values can be used as a basis for risk definitions.
In general, roles should not contain too many transactions; Smaller roles are easier to maintain and easier to derive.