Perform Risk Analysis with the Critical Permissions Report
Set up permissions to access specific CO-PA measures
In many SAP environments, there are historically grown authorization structures that cause unnecessary security gaps. These should be examined closely.
The best way for companies to combat historically grown uncontrolled growth in authorizations is to prevent it. An analysis of whether the current authorization concept is sufficient for the company helps here.
Logs: Protocols exist for all audits performed. This allows you to review the history of the audit results at a later stage or to view only the results of the last audit. To do this, use the protocol evaluation of the AIS in the transaction SAIS_LOG or click the button in the transaction SAIS.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
Anyone who owns valuable personal property assumes responsibility for it - just like a landlord, for example. He decides whether changes need to be made to the building, whether privacy hedges need to be planted in the garden or whether superfluous old appliances need to be disposed of and, if necessary, has a new lock installed immediately if the front door key is lost. He may forbid visitors who are not relatives to enter the bedroom or the daughter to have a public party in the house.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
Whether the permission checks are simplified or completely switched off is controlled by the COARS field of the object.
What is the purpose of a role? Which user has which authorization? Due to the amount of roles and authorizations, it quickly becomes confusing for users.