Maintain transaction start permissions on call CALL TRANSACTION
HR authorizations are a very critical issue in many companies. On the one hand, HR administrators should be able to perform their tasks - on the other hand, the protection of employees' personal data must be ensured. Any error in the authorization system falls within the remit of a company's data protection officer.
The first two problems can be solved by inserting the correction from SAP Note 1614407. The profile data will not be added to the bill of materials at the time of the roll recording but only when the transport order is released. This ensures consistency between the role's permission data and its profile data. The shared transport job also contains the complete history of changes to the profiles and permissions, so that obsolete data can also be deleted in the target systems.
Making the RESPAREA responsibility the organisational level
You may have special requirements that are necessarily to be included in the naming convention, such as when you define template roles in a template project that can be customised locally. You can identify this in the naming.
Logs: Protocols exist for all audits performed. This allows you to review the history of the audit results at a later stage or to view only the results of the last audit. To do this, use the protocol evaluation of the AIS in the transaction SAIS_LOG or click the button in the transaction SAIS.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
The commercial audit includes organisational overviews and balance sheet and process orientated functions.
As a result, the efficiency of authorization development is increasingly lost.