SAP Authorizations Making the RESPAREA responsibility the organisational level

Direkt zum Seiteninhalt
Making the RESPAREA responsibility the organisational level
Permissions with Maintenance Status Used
For an authorization concept, a clear goal must first be defined that is to be achieved with the help of the concept. This should list which regulatory requirements the respective SAP system must fulfill and the associated authorization concept must take into account. In this way, the legal framework conditions are defined. In addition, uniform naming conventions should be used because, on the one hand, many things cannot be changed after the initial naming and, on the other hand, this ensures searchability in the SAP system. Clearly defined responsibilities ensure the effectiveness of a concept. Specific persons must be named or at least roles defined in a separate section. A chapter should be dedicated to the process for user management. Here, it must be described how users obtain existing SAP authorizations, how new users are integrated into the SAP system, and who is responsible for approving authorizations. The chapter on the process for authorization management defines who is allowed to create and edit which roles and who is responsible for the development of various related processes. The chapter on special authorizations describes processes and special features in the area of non-dialog operations. These include job management and interface convention. Other administrative authorizations can also be described. The chapter on role concept explains how business requirements are transferred to a technical role. The role concept takes on a special significance, since it describes the actual mapping of business roles to the technical roles and thus to the authorizations in SAP.

The next step is to evaluate the usage data; here the monthly aggregates are typically sufficient. These include the user ID, function block, and number of calls. For an overview of the usage data already stored in the system, see the SWNC_COLLECTOR_GET_DIRECTORY function block (GET_DIR_FROM_CLUSTER = X input parameter). The actual downloading of the usage data is then performed using the function block SWNC_COLLECTOR_GET_AGGREGATES.
Integrate S_TABU_NAM into a Permission Concept
Using these authorizations, any source code can be executed independently of the actual developer authorizations and thus any action can be performed in the system. This authorization should only be assigned to an emergency user.

Access to personal data in a company is a sensitive issue. It is essential to manage this access securely and to be able to provide information at any time about who has access to the data, when and in what way - and not just for the sake of the auditor. For this reason, the topic of SAP authorizations is a very important one, especially for the HR department.

Authorizations can also be assigned via "Shortcut for SAP systems".

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.

Click Enter and you will be asked what type of parameter it is.

This replaces and protects you from the development end of your central user administration (SAP ZBV).
SAP Corner
Zurück zum Seiteninhalt