Lack of definition of an internal control system (ICS)
Rebuilding the authorization concept
If you want to understand how to run a permission check in your code, you can use the debugger to move through the permission check step by step. To implement your own permission checks, it may be helpful to see how such checks have been implemented in the SAP standard. In this tip, we show you how to view the source code of permission checks using the debugger in the programme, or how to get to the code locations where the permission checks are implemented.
Every company knows the situation, every year again the auditor announces himself to perform the annual audit and to certify the balance sheet at the end of the audit. In the first part on this topic, the focus was on the relevant processes and documentation. In this part, the concentration is on a deeper level, namely directly in the SAP® system. The specifications for this should already be written down in the SAP® authorization concept.
Maintain authorization objects more easily
As part of the SAP Access Control solution, the Business Role Management component serves the central role management. In addition to other useful functions, it also offers the automation of mass maintenance of role withdrawals. To do this, you must first place the organisational matrix in the customising (transaction SPRO), i.e. you enter the values or value ranges in the Organisation Level Mapping details area for the different organisation fields. At this point, however, you do not specify which reference roles should be derived for these organisational values.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
Role selection for mass transport uses the default value help, which offers the Multiple Selection button. Thus, you no longer have to go through the Value Helper (F4) to perform multiple selection of roles, and the restriction of selected roles to the visible rows is eliminated.
However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".
You can find the evaluation methods in table T77AW.
To do this, click the View/Modify button ( ) and enter your permission group in the Permission field.