Immediate authorization check - SU53
Edit Old Stand
The Three Lines of Defense model is used to systematically approach risks that may arise in companies. It integrates operational controls as well as risk management, information security, and internal auditing. It can be used to assess and classify the risks arising from SAP authorizations. The monitoring of risks is incorporated into the processes, so that there is constant control by various bodies. This reduces the risks considerably and ensures a clean authorization assignment.
Do you have questions about the SAP authorization concept? Do you want to revise an existing authorization concept or need help assigning SAP authorizations? Our SAP consultants will be happy to support you in all questions regarding the structure and design of SAP authorization concepts. Based on our many years of experience, we have developed best-practice procedures so that we can support you quickly and cost-effectively both with initial implementations and with challenges during ongoing operations. Arrange a no-obligation consultation and take the next step in your digital transformation.
Lack of definition of an internal control system (ICS)
Furthermore, automation is possible with the help of a customer-specific ABAP programme. To do this, you should take a closer look at the AGR_TEXTS table. The table contains the different text blocks in different languages. Here we show you a section of the table with our example role Z_SE63. Short texts are assigned a value of 00000 in the column LINE, and long texts are assigned a value of 00001 to 0000x. The language keys are displayed in the SPRAS column. An ABAP programme now allows you to write the counterparts for the text fields in the target language into the fields in the tables.
The SAP authorization concept ensures that no unauthorized access can be made to transactions, programs and services in SAP systems. To call up business objects or execute transactions in the SAP system, a user therefore requires the appropriate authorizations. When called, the application started via a transaction checks whether the authorization exists and whether the user is allowed to perform the selected operation.
Authorizations can also be assigned via "Shortcut for SAP systems".
In the course of a comprehensive protection of your system from the inside as well as from the outside it is indispensable to have a closer look especially at the SAP standard users.
At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.
Therefore, use a risk analysis to select the topics and processes that should be at the top of the list when securing.