SlideShare a Scribd company logo

Authorisations in SAP: best practices

J
Jonathan Eemans

The document outlines best practices for authorizations in SAP. It discusses role naming conventions, using different role types correctly like single, composite and master/derived roles. It emphasizes maintaining an authorization matrix and documenting any changes. Unmaintained authorizations should be avoided. Tips provided include deactivating standard roles when changing authorizations and using the 'Read old status and merge with new data' option when updating roles.

1 of 11
Download to read offline
26/01/2017 1Jonathan Eemans JE Consulting Authorisations in SAP Best practices
26/01/2017 2 Authorisations in SAP: best practices 1. Role naming conventions Role naming convention Lack of naming convention, inconsistent naming convention or inappropriate naming convention is the most basic mistake that an organisation can make. And this does not just impact the user administrator (who may not be able to identify with the roles after some time), it adversely impacts business users as well as auditors. Business users are often not conversant with transaction codes and authorization objects and rely on the role name and description to understand the role. Without a good and consistent naming convention, they may struggle to make sense of the roles. SOLUTION: Define logic naming convention and respect this naming convention at all times. Example: ZS/C_XX_<Description>/<Job>_YYYY with S = Single role / C = Composite role XX = Domain (CA, GL, AP etc.) <Description> (single role) = Description (GLMAST_MAINT for g/l account maintenance, GLMAST_DISPL for g/l account display, etc.) <Job> (composite role) = Job (MMPUR for purchaser, FITR for treasury, FIGEN for accountants etc.) YYYY = Master / Organisational unit (MAST if master role, #### for Company 1, etc.)
26/01/2017 3 Authorisations in SAP: best practices 2. Role design Role design Use different types of roles correctly.  Single roles  Composite roles  Master / parent roles  Derived / child roles SOLUTION: Correctly design roles using authorisation matrix.
26/01/2017 4 Authorisations in SAP: best practices 2. Role design 1. Define single roles 2. Assign single roles to composite roles 3. Define slave roles 4. Assign composite roles to users
26/01/2017 5 Authorisations in SAP: best practices 2. Role design: Master / derived roles Concept A derived role has identical attributes (transactions / authorization object values) as it parent except the values of the organizational level fields (plant, company code, sales organisation etc. ). Advantage Thus maintenance is simplified as only the organisational levels have to be maintained at the derived role level. This also ensures that there is no opportunity to make mistakes during authorisation maintenance for the multitude of derived roles and also reduces testing effort for roles.
26/01/2017 6 Authorisations in SAP: best practices 2. Role design: Master / derived roles Example Master role Derived role Transactions and authorisations Derived role are maintained in the master role is assigned to master role Organisation levels are not assigned in master role Organisational levels are assigned
26/01/2017 7 Authorisations in SAP: best practices 3. Maintain authorisation matrix Authorisation matrix
26/01/2017 8 Authorisations in SAP: best practices 4. Document changes in authorisations Document changes to authorisation roles
26/01/2017 9 Authorisations in SAP: best practices 5. Non-maintained authorisations Unmaintained authorisations Many user administrators leave unmaintained authorisation (i.e. objects with some unmaintained field values) in the profile. Such unmaintained authorization often become big nuisance in long run. They are also one of the most common reason behind false positives raised during authorization review. SOLUTION: Maintain all authorisation objects in the authorisation profile.
26/01/2017 10 Authorisations in SAP: best practices Tip 1 for maintaining authorisations: deactivate but keep the standard When changing authorisation objects the best way is to make a copy, deactivate the standard, and make changes to the copy.
26/01/2017 11 Authorisations in SAP: best practices Tip 2 for maintaining authorisations: Read old status and merge with new data Use option ‘Read old status and merge with new data’ If you have a ‘Standard’ and a ‘Change’, the option ‘Read old status and merge with old data’ will not insert a new authorisation object.

Recommended

SAP Security & GRC Framework
SAP Security & GRC FrameworkSAP Security & GRC Framework
SAP Security & GRC FrameworkHarish Sharma
 
Sap Security Workshop
Sap Security WorkshopSap Security Workshop
Sap Security Workshop
larrymcc
 
Day5 R3 Basis Security
Day5 R3 Basis SecurityDay5 R3 Basis Security
Day5 R3 Basis Security
Guang Ying Yuan
 
SAP S4 HANA.pptx
SAP S4 HANA.pptxSAP S4 HANA.pptx
SAP S4 HANA.pptx
HARISHVERMA80
 
Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP Security
Nasir Gondal
 
SAP FI - Accounts Receivable
SAP FI - Accounts ReceivableSAP FI - Accounts Receivable
SAP FI - Accounts Receivablesaiprasadbagrecha
 
Funds management configuration sap ag
Funds management configuration sap agFunds management configuration sap ag
Funds management configuration sap ag
Lluckyy
 
SAP Accounts Reveivable SAP Documents | http://sapdocs.info
SAP Accounts Reveivable SAP Documents | http://sapdocs.infoSAP Accounts Reveivable SAP Documents | http://sapdocs.info
SAP Accounts Reveivable SAP Documents | http://sapdocs.info
sapdocs. info
 

Recommended

SAP Security & GRC Framework
SAP Security & GRC FrameworkSAP Security & GRC Framework
SAP Security & GRC FrameworkHarish Sharma
 
Sap Security Workshop
Sap Security WorkshopSap Security Workshop
Sap Security Workshop
larrymcc
 
Day5 R3 Basis Security
Day5 R3 Basis SecurityDay5 R3 Basis Security
Day5 R3 Basis Security
Guang Ying Yuan
 
SAP S4 HANA.pptx
SAP S4 HANA.pptxSAP S4 HANA.pptx
SAP S4 HANA.pptx
HARISHVERMA80
 
Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP Security
Nasir Gondal
 
SAP FI - Accounts Receivable
SAP FI - Accounts ReceivableSAP FI - Accounts Receivable
SAP FI - Accounts Receivablesaiprasadbagrecha
 
Funds management configuration sap ag
Funds management configuration sap agFunds management configuration sap ag
Funds management configuration sap ag
Lluckyy
 
SAP Accounts Reveivable SAP Documents | http://sapdocs.info
SAP Accounts Reveivable SAP Documents | http://sapdocs.infoSAP Accounts Reveivable SAP Documents | http://sapdocs.info
SAP Accounts Reveivable SAP Documents | http://sapdocs.info
sapdocs. info
 
SAP FICO BBP Sample Document PDF NEW!
SAP FICO BBP Sample Document PDF NEW!SAP FICO BBP Sample Document PDF NEW!
SAP FICO BBP Sample Document PDF NEW!
sapdocs. info
 
Sap fi overview
Sap fi overviewSap fi overview
Sap fi overview
compugrainc
 
SAP BUSINESS BLUE PRINT PRACTICE PROJECT
SAP BUSINESS BLUE PRINT PRACTICE PROJECTSAP BUSINESS BLUE PRINT PRACTICE PROJECT
SAP BUSINESS BLUE PRINT PRACTICE PROJECT
Venet Dheer
 
S/4HANA Finance: New Features and Functionality
S/4HANA Finance: New Features and FunctionalityS/4HANA Finance: New Features and Functionality
S/4HANA Finance: New Features and Functionality
Dickinson + Associates
 
Sap business process flows
Sap business process flowsSap business process flows
Sap business process flows
Verity Solutions
 
SAP Treasury management
SAP Treasury managementSAP Treasury management
SAP Treasury management
sarkarinaukriblog
 
Sap security-administration
Sap security-administrationSap security-administration
Sap security-administrationnanda nanda
 
SAP FICO General Ledger EndUser Training | www.sapdocs.info
SAP FICO General Ledger EndUser Training | www.sapdocs.infoSAP FICO General Ledger EndUser Training | www.sapdocs.info
SAP FICO General Ledger EndUser Training | www.sapdocs.info
sapdocs. info
 
Sap Implementation Presentation
Sap Implementation PresentationSap Implementation Presentation
Sap Implementation Presentation
larrymcc
 
Authorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.infoAuthorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.info
sapdocs. info
 
Intro to-payment-processing-in-sap
Intro to-payment-processing-in-sapIntro to-payment-processing-in-sap
Intro to-payment-processing-in-sap
puppala
 
FS for FICO
FS for FICOFS for FICO
FS for FICO
sadasivab
 
SU01 - Background and Instruction
SU01 - Background and InstructionSU01 - Background and Instruction
SU01 - Background and Instruction
Mart Leepin
 
What is sap security
What is sap securityWhat is sap security
What is sap security
grconlinetraining
 
Cash Management in SAP
Cash Management in SAPCash Management in SAP
Cash Management in SAP
KamalGaur11
 
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grchkodali
 
example of SAP Cut over strategy FI CO MM PS module
example of SAP Cut over strategy FI CO MM PS moduleexample of SAP Cut over strategy FI CO MM PS module
example of SAP Cut over strategy FI CO MM PS module
Citra Nudiasari
 
SAP FI-BANK
SAP FI-BANKSAP FI-BANK
SAP FI-BANKsaiprasadbagrecha
 
inter-company-reconciliation in SAP
inter-company-reconciliation in SAPinter-company-reconciliation in SAP
inter-company-reconciliation in SAP
Rajeev Kumar
 
Fi mm integration
Fi mm integrationFi mm integration
Fi mm integration
Capgemini
 
Master data distribution in SAP: implementation guide
Master data distribution in SAP: implementation guideMaster data distribution in SAP: implementation guide
Master data distribution in SAP: implementation guide
Jonathan Eemans
 
6 7-users-authorization
6 7-users-authorization6 7-users-authorization
6 7-users-authorizationsanganiraju
 

More Related Content

What's hot

SAP FICO BBP Sample Document PDF NEW!
SAP FICO BBP Sample Document PDF NEW!SAP FICO BBP Sample Document PDF NEW!
SAP FICO BBP Sample Document PDF NEW!
sapdocs. info
 
Sap fi overview
Sap fi overviewSap fi overview
Sap fi overview
compugrainc
 
SAP BUSINESS BLUE PRINT PRACTICE PROJECT
SAP BUSINESS BLUE PRINT PRACTICE PROJECTSAP BUSINESS BLUE PRINT PRACTICE PROJECT
SAP BUSINESS BLUE PRINT PRACTICE PROJECT
Venet Dheer
 
S/4HANA Finance: New Features and Functionality
S/4HANA Finance: New Features and FunctionalityS/4HANA Finance: New Features and Functionality
S/4HANA Finance: New Features and Functionality
Dickinson + Associates
 
Sap business process flows
Sap business process flowsSap business process flows
Sap business process flows
Verity Solutions
 
SAP Treasury management
SAP Treasury managementSAP Treasury management
SAP Treasury management
sarkarinaukriblog
 
Sap security-administration
Sap security-administrationSap security-administration
Sap security-administrationnanda nanda
 
SAP FICO General Ledger EndUser Training | www.sapdocs.info
SAP FICO General Ledger EndUser Training | www.sapdocs.infoSAP FICO General Ledger EndUser Training | www.sapdocs.info
SAP FICO General Ledger EndUser Training | www.sapdocs.info
sapdocs. info
 
Sap Implementation Presentation
Sap Implementation PresentationSap Implementation Presentation
Sap Implementation Presentation
larrymcc
 
Authorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.infoAuthorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.info
sapdocs. info
 
Intro to-payment-processing-in-sap
Intro to-payment-processing-in-sapIntro to-payment-processing-in-sap
Intro to-payment-processing-in-sap
puppala
 
FS for FICO
FS for FICOFS for FICO
FS for FICO
sadasivab
 
SU01 - Background and Instruction
SU01 - Background and InstructionSU01 - Background and Instruction
SU01 - Background and Instruction
Mart Leepin
 
What is sap security
What is sap securityWhat is sap security
What is sap security
grconlinetraining
 
Cash Management in SAP
Cash Management in SAPCash Management in SAP
Cash Management in SAP
KamalGaur11
 
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grchkodali
 
example of SAP Cut over strategy FI CO MM PS module
example of SAP Cut over strategy FI CO MM PS moduleexample of SAP Cut over strategy FI CO MM PS module
example of SAP Cut over strategy FI CO MM PS module
Citra Nudiasari
 
inter-company-reconciliation in SAP
inter-company-reconciliation in SAPinter-company-reconciliation in SAP
inter-company-reconciliation in SAP
Rajeev Kumar
 
Fi mm integration
Fi mm integrationFi mm integration
Fi mm integration
Capgemini
 

What's hot (20)

SAP FICO BBP Sample Document PDF NEW!
SAP FICO BBP Sample Document PDF NEW!SAP FICO BBP Sample Document PDF NEW!
SAP FICO BBP Sample Document PDF NEW!
 
Sap fi overview
Sap fi overviewSap fi overview
Sap fi overview
 
SAP BUSINESS BLUE PRINT PRACTICE PROJECT
SAP BUSINESS BLUE PRINT PRACTICE PROJECTSAP BUSINESS BLUE PRINT PRACTICE PROJECT
SAP BUSINESS BLUE PRINT PRACTICE PROJECT
 
S/4HANA Finance: New Features and Functionality
S/4HANA Finance: New Features and FunctionalityS/4HANA Finance: New Features and Functionality
S/4HANA Finance: New Features and Functionality
 
Sap business process flows
Sap business process flowsSap business process flows
Sap business process flows
 
SAP Treasury management
SAP Treasury managementSAP Treasury management
SAP Treasury management
 
Sap security-administration
Sap security-administrationSap security-administration
Sap security-administration
 
SAP FICO General Ledger EndUser Training | www.sapdocs.info
SAP FICO General Ledger EndUser Training | www.sapdocs.infoSAP FICO General Ledger EndUser Training | www.sapdocs.info
SAP FICO General Ledger EndUser Training | www.sapdocs.info
 
Sap Implementation Presentation
Sap Implementation PresentationSap Implementation Presentation
Sap Implementation Presentation
 
Authorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.infoAuthorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.info
 
Intro to-payment-processing-in-sap
Intro to-payment-processing-in-sapIntro to-payment-processing-in-sap
Intro to-payment-processing-in-sap
 
FS for FICO
FS for FICOFS for FICO
FS for FICO
 
SU01 - Background and Instruction
SU01 - Background and InstructionSU01 - Background and Instruction
SU01 - Background and Instruction
 
What is sap security
What is sap securityWhat is sap security
What is sap security
 
Cash Management in SAP
Cash Management in SAPCash Management in SAP
Cash Management in SAP
 
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc
 
example of SAP Cut over strategy FI CO MM PS module
example of SAP Cut over strategy FI CO MM PS moduleexample of SAP Cut over strategy FI CO MM PS module
example of SAP Cut over strategy FI CO MM PS module
 
SAP FI-BANK
SAP FI-BANKSAP FI-BANK
SAP FI-BANK
 
inter-company-reconciliation in SAP
inter-company-reconciliation in SAPinter-company-reconciliation in SAP
inter-company-reconciliation in SAP
 
Fi mm integration
Fi mm integrationFi mm integration
Fi mm integration
 

Viewers also liked

Master data distribution in SAP: implementation guide
Master data distribution in SAP: implementation guideMaster data distribution in SAP: implementation guide
Master data distribution in SAP: implementation guide
Jonathan Eemans
 
6 7-users-authorization
6 7-users-authorization6 7-users-authorization
6 7-users-authorizationsanganiraju
 
Best Practices for Ensuring SAP ABAP Code Quality and Security
Best Practices for Ensuring SAP ABAP Code Quality and SecurityBest Practices for Ensuring SAP ABAP Code Quality and Security
Best Practices for Ensuring SAP ABAP Code Quality and Security
Virtual Forge
 
Extensible Authorization for SAP Applications Webinar
Extensible Authorization for SAP Applications WebinarExtensible Authorization for SAP Applications Webinar
Extensible Authorization for SAP Applications Webinar
NextLabs, Inc.
 
SAP HCM Structural Authorization Overview Presentation
SAP HCM Structural Authorization Overview PresentationSAP HCM Structural Authorization Overview Presentation
SAP HCM Structural Authorization Overview Presentation
KenBowers
 
Sap security tasks
Sap security tasksSap security tasks
Sap security tasks
Siva Pradeep Bolisetti
 
Step by step exercise for bw 365
Step by step exercise for bw 365Step by step exercise for bw 365
Step by step exercise for bw 365
Siva Pradeep Bolisetti
 
Governance Of Enterprise IT MIA
Governance Of Enterprise IT MIAGovernance Of Enterprise IT MIA
Governance Of Enterprise IT MIATroy DuMoulin
 
How to improve user experience via roles
How to improve user experience via rolesHow to improve user experience via roles
How to improve user experience via roles
Siva Pradeep Bolisetti
 
Calculation of optimum cost of transportation of goods from godowns to differ...
Calculation of optimum cost of transportation of goods from godowns to differ...Calculation of optimum cost of transportation of goods from godowns to differ...
Calculation of optimum cost of transportation of goods from godowns to differ...
Siva Pradeep Bolisetti
 
Bluetooth Technology -- detailed explanation
Bluetooth Technology -- detailed explanation Bluetooth Technology -- detailed explanation
Bluetooth Technology -- detailed explanation Siva Pradeep Bolisetti
 
Enterprise Risk Management Software
Enterprise Risk Management SoftwareEnterprise Risk Management Software
Enterprise Risk Management Software
Mike Taylor
 
Sappress sap governance risk and compliance
Sappress sap governance risk and complianceSappress sap governance risk and compliance
Sappress sap governance risk and compliance
Siva Pradeep Bolisetti
 
Use of network scheduling technique
Use of network scheduling technique Use of network scheduling technique
Use of network scheduling technique
Siva Pradeep Bolisetti
 
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,AustarliaSAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
online jobs
 
Bearing design for Turbo Generator- Internship at BHEL
Bearing design for Turbo Generator- Internship at BHELBearing design for Turbo Generator- Internship at BHEL
Bearing design for Turbo Generator- Internship at BHELSiva Pradeep Bolisetti
 
SAP HCM authorisations: streamline processes and improve HR data security
SAP HCM authorisations: streamline processes and improve HR data securitySAP HCM authorisations: streamline processes and improve HR data security
SAP HCM authorisations: streamline processes and improve HR data security
Sven Ringling
 
Simplifying SAP Plant Maintenance
Simplifying SAP Plant MaintenanceSimplifying SAP Plant Maintenance
Simplifying SAP Plant Maintenance
DeeDee Kato
 
SAP BI 7 security concepts
SAP BI 7 security conceptsSAP BI 7 security concepts
SAP BI 7 security concepts
Siva Pradeep Bolisetti
 
Best Practices for Managing a Global SuccessFactors Rollout
Best Practices for Managing a Global SuccessFactors Rollout Best Practices for Managing a Global SuccessFactors Rollout
Best Practices for Managing a Global SuccessFactors Rollout
GP Strategies Corporation
 

Viewers also liked (20)

Master data distribution in SAP: implementation guide
Master data distribution in SAP: implementation guideMaster data distribution in SAP: implementation guide
Master data distribution in SAP: implementation guide
 
6 7-users-authorization
6 7-users-authorization6 7-users-authorization
6 7-users-authorization
 
Best Practices for Ensuring SAP ABAP Code Quality and Security
Best Practices for Ensuring SAP ABAP Code Quality and SecurityBest Practices for Ensuring SAP ABAP Code Quality and Security
Best Practices for Ensuring SAP ABAP Code Quality and Security
 
Extensible Authorization for SAP Applications Webinar
Extensible Authorization for SAP Applications WebinarExtensible Authorization for SAP Applications Webinar
Extensible Authorization for SAP Applications Webinar
 
SAP HCM Structural Authorization Overview Presentation
SAP HCM Structural Authorization Overview PresentationSAP HCM Structural Authorization Overview Presentation
SAP HCM Structural Authorization Overview Presentation
 
Sap security tasks
Sap security tasksSap security tasks
Sap security tasks
 
Step by step exercise for bw 365
Step by step exercise for bw 365Step by step exercise for bw 365
Step by step exercise for bw 365
 
Governance Of Enterprise IT MIA
Governance Of Enterprise IT MIAGovernance Of Enterprise IT MIA
Governance Of Enterprise IT MIA
 
How to improve user experience via roles
How to improve user experience via rolesHow to improve user experience via roles
How to improve user experience via roles
 
Calculation of optimum cost of transportation of goods from godowns to differ...
Calculation of optimum cost of transportation of goods from godowns to differ...Calculation of optimum cost of transportation of goods from godowns to differ...
Calculation of optimum cost of transportation of goods from godowns to differ...
 
Bluetooth Technology -- detailed explanation
Bluetooth Technology -- detailed explanation Bluetooth Technology -- detailed explanation
Bluetooth Technology -- detailed explanation
 
Enterprise Risk Management Software
Enterprise Risk Management SoftwareEnterprise Risk Management Software
Enterprise Risk Management Software
 
Sappress sap governance risk and compliance
Sappress sap governance risk and complianceSappress sap governance risk and compliance
Sappress sap governance risk and compliance
 
Use of network scheduling technique
Use of network scheduling technique Use of network scheduling technique
Use of network scheduling technique
 
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,AustarliaSAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
 
Bearing design for Turbo Generator- Internship at BHEL
Bearing design for Turbo Generator- Internship at BHELBearing design for Turbo Generator- Internship at BHEL
Bearing design for Turbo Generator- Internship at BHEL
 
SAP HCM authorisations: streamline processes and improve HR data security
SAP HCM authorisations: streamline processes and improve HR data securitySAP HCM authorisations: streamline processes and improve HR data security
SAP HCM authorisations: streamline processes and improve HR data security
 
Simplifying SAP Plant Maintenance
Simplifying SAP Plant MaintenanceSimplifying SAP Plant Maintenance
Simplifying SAP Plant Maintenance
 
SAP BI 7 security concepts
SAP BI 7 security conceptsSAP BI 7 security concepts
SAP BI 7 security concepts
 
Best Practices for Managing a Global SuccessFactors Rollout
Best Practices for Managing a Global SuccessFactors Rollout Best Practices for Managing a Global SuccessFactors Rollout
Best Practices for Managing a Global SuccessFactors Rollout
 

Similar to Authorisations in SAP: best practices

Formalizing Collaborative Software Development Issues: A Collaborative Work A...
Formalizing Collaborative Software Development Issues: A Collaborative Work A...Formalizing Collaborative Software Development Issues: A Collaborative Work A...
Formalizing Collaborative Software Development Issues: A Collaborative Work A...
IOSR Journals
 
Sap security bad practices
Sap security bad practicesSap security bad practices
Sap security bad practices
Satyajit Deb
 
Mitul Jain SAP GRC Security
Mitul Jain SAP GRC SecurityMitul Jain SAP GRC Security
Mitul Jain SAP GRC Securitymitul jain
 
40411923 business-analyst
40411923 business-analyst40411923 business-analyst
40411923 business-analyst
Har Da
 
Whitepaper: Continuous Compliance in SAP Environments - Happiest Minds
Whitepaper: Continuous Compliance in SAP Environments - Happiest MindsWhitepaper: Continuous Compliance in SAP Environments - Happiest Minds
Whitepaper: Continuous Compliance in SAP Environments - Happiest Minds
Happiest Minds Technologies
 
Continuous Compliance-in-Sap-Environments
Continuous Compliance-in-Sap-EnvironmentsContinuous Compliance-in-Sap-Environments
Continuous Compliance-in-Sap-Environments
happiestmindstech
 
Requirements management and the business analyst
Requirements management and the business analystRequirements management and the business analyst
Requirements management and the business analystRobert Darko
 
Mcom Ba Training Module 1
Mcom Ba Training Module 1Mcom Ba Training Module 1
Mcom Ba Training Module 1mcom
 
SAP MM Authorization Matrix and User roles.pdf
SAP MM Authorization Matrix and User roles.pdfSAP MM Authorization Matrix and User roles.pdf
SAP MM Authorization Matrix and User roles.pdf
AmanKumarSaksena
 
Sap implementation
Sap implementationSap implementation
Sap implementation
Sanjay Vispute
 
Mark Foley Agile Methods And The Business Analystc
Mark Foley Agile Methods And The Business AnalystcMark Foley Agile Methods And The Business Analystc
Mark Foley Agile Methods And The Business Analystc
Mia Horrigan
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
grconlinetraining
 
How to Become a Business Analyst in 2022: Skills and Salary?
How to Become a Business Analyst in 2022: Skills and Salary?How to Become a Business Analyst in 2022: Skills and Salary?
How to Become a Business Analyst in 2022: Skills and Salary?
Super 20 Training Institute
 
Bua 235 bpm-chap 7
Bua 235 bpm-chap 7Bua 235 bpm-chap 7
Bua 235 bpm-chap 7UMaine
 
Business analyst
Business analystBusiness analyst
Business analyst
rajivkamal
 
BPM - The Promise And Challenges
BPM - The Promise And ChallengesBPM - The Promise And Challenges
BPM - The Promise And Challenges
Jerald Burget
 
Requirements Are Optional, Right?
Requirements Are Optional, Right?Requirements Are Optional, Right?
Requirements Are Optional, Right?
thomstrat
 
OneAccess-UserManager
OneAccess-UserManagerOneAccess-UserManager
OneAccess-UserManager
Selva Kumar ITIL CGAP CISA GRC10.0 Certified
 
SAP-Security-Madhu
SAP-Security-MadhuSAP-Security-Madhu
SAP-Security-MadhuMadhu Sharma
 

Similar to Authorisations in SAP: best practices (20)

Formalizing Collaborative Software Development Issues: A Collaborative Work A...
Formalizing Collaborative Software Development Issues: A Collaborative Work A...Formalizing Collaborative Software Development Issues: A Collaborative Work A...
Formalizing Collaborative Software Development Issues: A Collaborative Work A...
 
Sap security bad practices
Sap security bad practicesSap security bad practices
Sap security bad practices
 
Mitul Jain SAP GRC Security
Mitul Jain SAP GRC SecurityMitul Jain SAP GRC Security
Mitul Jain SAP GRC Security
 
40411923 business-analyst
40411923 business-analyst40411923 business-analyst
40411923 business-analyst
 
Whitepaper: Continuous Compliance in SAP Environments - Happiest Minds
Whitepaper: Continuous Compliance in SAP Environments - Happiest MindsWhitepaper: Continuous Compliance in SAP Environments - Happiest Minds
Whitepaper: Continuous Compliance in SAP Environments - Happiest Minds
 
Continuous Compliance-in-Sap-Environments
Continuous Compliance-in-Sap-EnvironmentsContinuous Compliance-in-Sap-Environments
Continuous Compliance-in-Sap-Environments
 
Requirements management and the business analyst
Requirements management and the business analystRequirements management and the business analyst
Requirements management and the business analyst
 
Mcom Ba Training Module 1
Mcom Ba Training Module 1Mcom Ba Training Module 1
Mcom Ba Training Module 1
 
SAP MM Authorization Matrix and User roles.pdf
SAP MM Authorization Matrix and User roles.pdfSAP MM Authorization Matrix and User roles.pdf
SAP MM Authorization Matrix and User roles.pdf
 
Sap implementation
Sap implementationSap implementation
Sap implementation
 
Mark Foley Agile Methods And The Business Analystc
Mark Foley Agile Methods And The Business AnalystcMark Foley Agile Methods And The Business Analystc
Mark Foley Agile Methods And The Business Analystc
 
Writing Sample 2
Writing Sample 2Writing Sample 2
Writing Sample 2
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
 
How to Become a Business Analyst in 2022: Skills and Salary?
How to Become a Business Analyst in 2022: Skills and Salary?How to Become a Business Analyst in 2022: Skills and Salary?
How to Become a Business Analyst in 2022: Skills and Salary?
 
Bua 235 bpm-chap 7
Bua 235 bpm-chap 7Bua 235 bpm-chap 7
Bua 235 bpm-chap 7
 
Business analyst
Business analystBusiness analyst
Business analyst
 
BPM - The Promise And Challenges
BPM - The Promise And ChallengesBPM - The Promise And Challenges
BPM - The Promise And Challenges
 
Requirements Are Optional, Right?
Requirements Are Optional, Right?Requirements Are Optional, Right?
Requirements Are Optional, Right?
 
OneAccess-UserManager
OneAccess-UserManagerOneAccess-UserManager
OneAccess-UserManager
 
SAP-Security-Madhu
SAP-Security-MadhuSAP-Security-Madhu
SAP-Security-Madhu
 

Recently uploaded

Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
Max Andersen
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
Neo4j
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
Boni García
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
NYGGS Automation Suite
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
timtebeek1
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
Łukasz Chruściel
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)
abdulrafaychaudhry
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Neo4j
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
ShamsuddeenMuhammadA
 
AI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website CreatorAI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website Creator
Google
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
Nidhi Software Price. Fact , Costs, Tips
Nidhi Software Price. Fact , Costs, TipsNidhi Software Price. Fact , Costs, Tips
Nidhi Software Price. Fact , Costs, Tips
vrstrong314
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
Ortus Solutions, Corp
 
Enterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptxEnterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptx
QuickwayInfoSystems3
 

Recently uploaded (20)

Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
 
AI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website CreatorAI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website Creator
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
Nidhi Software Price. Fact , Costs, Tips
Nidhi Software Price. Fact , Costs, TipsNidhi Software Price. Fact , Costs, Tips
Nidhi Software Price. Fact , Costs, Tips
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
 
Enterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptxEnterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptx
 

Authorisations in SAP: best practices

  • 1. 26/01/2017 1Jonathan Eemans JE Consulting Authorisations in SAP Best practices
  • 2. 26/01/2017 2 Authorisations in SAP: best practices 1. Role naming conventions Role naming convention Lack of naming convention, inconsistent naming convention or inappropriate naming convention is the most basic mistake that an organisation can make. And this does not just impact the user administrator (who may not be able to identify with the roles after some time), it adversely impacts business users as well as auditors. Business users are often not conversant with transaction codes and authorization objects and rely on the role name and description to understand the role. Without a good and consistent naming convention, they may struggle to make sense of the roles. SOLUTION: Define logic naming convention and respect this naming convention at all times. Example: ZS/C_XX_<Description>/<Job>_YYYY with S = Single role / C = Composite role XX = Domain (CA, GL, AP etc.) <Description> (single role) = Description (GLMAST_MAINT for g/l account maintenance, GLMAST_DISPL for g/l account display, etc.) <Job> (composite role) = Job (MMPUR for purchaser, FITR for treasury, FIGEN for accountants etc.) YYYY = Master / Organisational unit (MAST if master role, #### for Company 1, etc.)
  • 3. 26/01/2017 3 Authorisations in SAP: best practices 2. Role design Role design Use different types of roles correctly.  Single roles  Composite roles  Master / parent roles  Derived / child roles SOLUTION: Correctly design roles using authorisation matrix.
  • 4. 26/01/2017 4 Authorisations in SAP: best practices 2. Role design 1. Define single roles 2. Assign single roles to composite roles 3. Define slave roles 4. Assign composite roles to users
  • 5. 26/01/2017 5 Authorisations in SAP: best practices 2. Role design: Master / derived roles Concept A derived role has identical attributes (transactions / authorization object values) as it parent except the values of the organizational level fields (plant, company code, sales organisation etc. ). Advantage Thus maintenance is simplified as only the organisational levels have to be maintained at the derived role level. This also ensures that there is no opportunity to make mistakes during authorisation maintenance for the multitude of derived roles and also reduces testing effort for roles.
  • 6. 26/01/2017 6 Authorisations in SAP: best practices 2. Role design: Master / derived roles Example Master role Derived role Transactions and authorisations Derived role are maintained in the master role is assigned to master role Organisation levels are not assigned in master role Organisational levels are assigned
  • 7. 26/01/2017 7 Authorisations in SAP: best practices 3. Maintain authorisation matrix Authorisation matrix
  • 8. 26/01/2017 8 Authorisations in SAP: best practices 4. Document changes in authorisations Document changes to authorisation roles
  • 9. 26/01/2017 9 Authorisations in SAP: best practices 5. Non-maintained authorisations Unmaintained authorisations Many user administrators leave unmaintained authorisation (i.e. objects with some unmaintained field values) in the profile. Such unmaintained authorization often become big nuisance in long run. They are also one of the most common reason behind false positives raised during authorization review. SOLUTION: Maintain all authorisation objects in the authorisation profile.
  • 10. 26/01/2017 10 Authorisations in SAP: best practices Tip 1 for maintaining authorisations: deactivate but keep the standard When changing authorisation objects the best way is to make a copy, deactivate the standard, and make changes to the copy.
  • 11. 26/01/2017 11 Authorisations in SAP: best practices Tip 2 for maintaining authorisations: Read old status and merge with new data Use option ‘Read old status and merge with new data’ If you have a ‘Standard’ and a ‘Change’, the option ‘Read old status and merge with old data’ will not insert a new authorisation object.