SAP Authorizations Audit Information System Cockpit - NW Admin

Direkt zum Seiteninhalt
Audit Information System Cockpit
Maintain table permission groups
Custom programmes should be protected with permissions, just like standard applications. What rules should you follow? Introductory projects usually produce a large number of customised programmes without being subjected to a permission check when they are executed. For your programmes, you should create custom permissions checks by default and manage them accordingly.

Business objects to which companies refer authorizations are defined in the system as authorization objects. For individual conditions, SAP delivers the authorization objects F_FICO_IND and F_FICO_AIN. With F_FICO_IND you can define which individual conditions are checked when processing the contract depending on the defined authorization fields and their characteristics. Using the authorization object F_FICO_AIN, companies can define whether and how individual conditions are to be checked when processing in the BAPI channel depending on the defined authorization fields and their characteristics.
Lack of know-how
You use the RSUSR010 report and you do not see all transaction codes associated with the user or role. How can that be? The various reports of the user information system (SUIM) allow you to evaluate the users, permissions and profiles in the SAP system. One of these reports, the RSUSR010 report, shows you all executable transactions for a user, role, profile, or permission. Users of the report are often unsure about what this report actually displays, because the results do not necessarily correspond to the eligible transactions. Therefore, we clarify in the following which data are evaluated for this report and how these deviations can occur.

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.


See SAP Note 1763089 for information on the system requirements and support packages you need to access the new feature. With these support packages the transaction SAIS, the new AIS cockpit, is delivered. The AIS has thus been switched from the previous role concept to thematic audit structures and offers new functions, such as logging all audit activities. The AIS has existed in the SAP system for quite a long time; It is designed as a tool for testing and evaluating SAP systems and is delivered by SAP ERP to the standard. It includes the function of audit structures, a collection of audit functions on the areas of commercial audit and system audit, including their documentation. The commercial audit includes organisational overviews and balance sheet and process orientated functions. For example, this allows you to evaluate information about financial accounting and tax receipts. The AIS system audit covers general system audits and analysis of users and permissions. For example, it includes functionality to check profile parameters or transport.

Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.

In addition, you can perform a basic analysis in advance, which will also be the main focus of this blog.

Starting with SAP NetWeaver 7.31, you have the choice to set the reference time stamp from the SU22 data or delete the contents of the time stamp tables.
NW BASIS
Zurück zum Seiteninhalt