User Information System SUIM
In order to perform an operation in the SAP system, several authorizations may be required. The resulting interrelationships can become very complex. In order to nevertheless offer a procedure that is manageable and easy to handle, the SAP authorization concept was implemented on the basis of authorization objects. Several system elements to be protected form an authorization object.
With these methods, we not only help you with the implementation. You can also maintain and manage the solutions yourself afterwards, or you can trust us to run them for you: We call this Customer Success.
Dissatisfaction and unclear needs in the process
After activation, advanced security checks are available in the usual development environment within the ABAP Test Cockpit. The ABAP Test Cockpit is a graphical framework for developers. Various test tools, such as the Code Inspector or the SAP Code Vulnerability Analyser, can be integrated into this. All available test tools can be initiated from this central location and present their results in a common view. No training is required to intuit the tool.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
From the result of the statistical usage data, you can see which transactions (ENTRY_ID) were used, how often (COUNTER), and how many different users. There are various indications from this information. For example, transactions that were used only once by a user within 12 months could indicate a very privileged user, or inadvertently invoking a transaction for which a user has permissions. The future assignment of such transactions in the SAP role concept should then be critically questioned. In contrast, you should consider transactions with a high level of usage and a large user circle (e.g. with more than ten users) in an SAP role concept.
However, if your Identity Management system is currently not available or the approval path is interrupted, you can still assign urgently needed authorizations with "Shortcut for SAP systems".
For sure: If a consulting company does not implement a process first and the "framework" is missing as a result, the existing SAP authorizations must be analyzed retrospectively and the underlying concept must be understood.
We show you how to bring order to external services.