SAP Authorizations System Settings - NW Admin

Direkt zum Seiteninhalt
System Settings
Law-critical authorizations
You can assign a Table or Care View to a table through the SE11 transaction or SE54 transaction. This mapping is defined as a customising setting and therefore remains in place after a release change. You can assign a table to a table permission group by using the SE11 transaction by selecting your table in the start image and pressing the Display button.

I show how SAP authorizations can be assessed and monitored by using the Three Lines of Defense model. This method can be applied even if the model is not used for all enterprise risks. You will learn how to integrate the different stakeholders into the lines of defense and harmonize the knowledge for the process. Also, what tools can be used for controls and cleanups in each case. This ensures, for example, that managers are able to assess the risks and derive measures, and that administrators can technically clean up the risks.
Data ownership concept
With apm Suite, you can put together your individual GRC/SOX-compliant solution for SAP authorizations as needed. This is helpful, for example, to optimally manage SAP roles, for the determination of critical rights, the SAP user application, the auditing of emergency users or the password self service. With apm Suite you will never lose track of your compliance in SAP authorization management.

So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.


No external services can be added manually in transaction SU24. To do this, you must turn on a permission trace that takes over. You can enable the permission trace using the auth/authorisation_trace dynamic profile parameter. You can enable this parameter by using the transaction RZ11 (Profile Parameter Maintenance) by entering the value Y as a new value and selecting the Switch to All Servers setting.

With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.

When were which changes made to a role (PFCG)? In the PFCG, click on Utilities > View Changes in the menu at the top to view the change documents.

Relevant information is your release and support package stand, as well as SAP notes and their versions.
NW BASIS
Zurück zum Seiteninhalt