SAP S/4HANA® Launch Pack for Authorizations
AUTHORIZATIONS FOR BATCH PROCESSING IN THE SAP NETWEAVER AND S/4HANA ENVIRONMENT
When configuring the Security Audit Log, you must consider the storage of the files. At least one separate file is created for each day. When the maximum size of all files for the tag is reached, additional events are stopped. So you should always adjust the maximum size of the file to your needs using the parameters rsau/max_diskspace/per_file and rsau/max_diskspace/per_day. The rsau/max_diskspace/local parameter is obsolete in this case, but remains active if the other two parameters are not maintained.
Excel-based tools typically do not know the release-specific suggestion values (they often work without the in-system suggestion value mechanism, because they do not use the PFCG transaction). This also means that it is not possible to upgrade rolls with standard SAP tools, such as the SU25 transaction. This also increases the dependency on the external tool, and the authorisation system is further removed from the SAP standard and the best practices recommended by SAP in role management.
User Information System SUIM
The requirements for the architecture of authorization concepts are as individual as the requirements of each company. Therefore, there is no perfect template. Nevertheless, there are topics that should be considered in an authorization concept.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
If these issues are not taken into account during a conversion, there will be an imbalance between the system and the components to be protected, since the change in the system constellation means that new components, such as those mentioned above, must also be taken into account. Otherwise, a company may suffer economic damage and the resulting damage to its image. Furthermore, neglect of legal requirements (BDSG, DSGVO, GOB, HGB, etc.)1 can lead to legal measures or steps.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
In 2020, there were 82,761 cases of computer fraud in Germany.
Worse is the case that someone has too many permissions, i.e. the type: "User xy should not have this permission anymore" (CASE2).