List of required organisational levels and their value
What are the advantages of SAP authorizations?
With apm Suite, you can put together your individual GRC/SOX-compliant solution for SAP authorizations as needed. This is helpful, for example, to optimally manage SAP roles, for the determination of critical rights, the SAP user application, the auditing of emergency users or the password self service. With apm Suite you will never lose track of your compliance in SAP authorization management.
In 2020, there were 82,761 cases of computer fraud in Germany. Five years earlier, the number of cases was significantly lower - 23,562 cases - and have steadily increased from then on. The smaller the group of people with access, the smaller the risk of data falling into the wrong hands. Efficient and well thought-out authorization management plays a key role in minimizing risk and is a good way of protecting against unauthorized access, data misuse and industrial espionage. Without a coherent, well thought-out concept, the regulation of accesses and authorizations for the users or key users of an SAP system is a serious security vulnerability.
What to do when the auditor comes - Part 1: Processes and documentation
You can customise the AIS cockpit to your needs. To do this, use the customising that you will also find in the transaction SAIS under the button Administration of the audit environment. Select Configure Audit Cockpit and you can define a default audit structure, the maximum line length for log entries, and the number of log entries per audit step.
The default authorization roles of the new SAP system for consolidation and planning, SAP Group Reporting, are shown in the following graphic. It does not matter whether the system is accessed via the browser (Fiori Launchpad) or via local access (SAP GUI). The authorization roles shown in the graphic merely indicate the technical specifications preset by SAP. However, these can be used as a starting point and adapted accordingly after a copy has been created.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
Once you have confirmed your input, a new screen will open.
You can also find some useful tips from practice on the subject of SAP authorizations on the page www.sap-corner.de.
To prevent this, an authorization concept must be in place that describes how authorizations are to be created and assigned to users.