SlideShare a Scribd company logo

What is sap security

Download as DOCX, PDF
grconlinetraining
grconlinetraining

GRC Online Training , SAP GRC training with real time consultants. SAP Security training, sap security online training

1 of 50
Downloaded 102 times
SAP SECURITY ONLINE TRAINIG
 Security   SAP Security Components   Security Solution Map   Access control concepts   PFCG   Conclusion
SECURITY  Prevent Unauthorized Access
SAP Security Components
Security Solution Map
An Overview of R/3 Security Services
Access control in SAP is composed of several concepts  Program code   Authorization fields   ACTIVITY   COMPANY_CODE   Authorization objects   Authorizations
  Profiles   Role   Users
Program Code That calls an authorization check using the authority-check statement. This will look something like  authority-check object id field Authorization fields: That define a scope of possible values. Examples of authorization fields would be   ACTIVITY: defines the type of activity the user is doing with the data. Possible values are 'DISPLAY', 'MODIFY', 'DELETE', etc.   COMPANY_CODE: possible values are any single value, or any range of values, or any combination thereof such as '0438' and '0600' thru '1100'
Authorization fields Authorization fields: That define a scope of possible values. Examples of authorization fields would be ACTIVITY: defines the type of activity the user is doing with the data. Possible values are 'DISPLAY', 'MODIFY', 'DELETE', etc. COMPANY_CODE: possible values are any single value, or any range of values, or any combination thereof such as '0438' and '0600' thru '1100'
Authorization objects Authorization objects that define a group of fields. For example, an authorization object called 'CO_MDATA', containing fields ACTIVITY and COMPANY_CODE, might used to control access to the company master data tables.
Authorizations Authorizations, each of which belong to exactly one authorization object, that define authorizationvalues (within the scopes defined by the authorizationobjects) to be granted to users. Note that an authorization is different from an authorizationobject!! Extending our previous examples, we might have an authorization, belonging to the authorizationobject 'CO_MDATA',called 'CO_MDATA_ALL', that grants all access to all company master data. Then 'CO_MDATA_ALL'would have the following values: FIELD VALUE ACTIVITY * COMPANY_CODE *
Profiles 1. Profiles, each of which may contain several authorizations or profiles. A simple profile contains a group of authorizations. A composite profile contains a group of profiles (simple or composite). [Profiles can be conceptualized as forming the structure of a tree, in which end nodes (leaves) are authorizations, and all other nodes are profiles. Simple profiles are nodes whose children are all end nodes, and composite profiles are nodes, other than end nodes, who have no end nodes for children.]  Profiles are designed to define set or one or more functions or positions. For example, a functional profile might define all the authorizations that are required for doing a goods receipt, or for making a payment in the AP module. A position profile, on the other hand, might define all of the authorizations that are granted to an accountant, or to a warehouse supervisor. Often, a position profile is a composite profile consisting of several functional profiles.
Roles Roles are collectionsof activities which allow a user to use one or more business scenarios of an organization. According to the standard SAP role concept,roles containingaccess rights are assigned to users. These authorizationsare then checked when the user performs certain actions, such as starting a transaction. Assigning a Standard Role to a User Changing Standard Roles Creating Composite Roles Note: The term activity group was replaced with the term role in SAP R/3 Release 4.6C.
Composite roles  Composite roles can simplify the user administration.  They consist of single roles. Users who are assigned a composite role are automatically assigned the associated single roles during the compare. Composite roles do not themselves contain authorization data.  Setting up composite roles are useful for example if some of your users need authorization for several roles. You can create a composite role and assign it to the users instead of putting each user in each required single role.
Derive Roles Derive Roles: There are two possible reasons for deriving a role from an existing role:  The role menus are identical but the authorizations for the menu actions are different in the derived role.   The menu and authorizations of the derived role are identical, but the organizational levels are different in the derived role.
What is PFCG  The Profile Generator is a SAP tool.  Can be used to automatically create profiles and assign them easily to users.  Only selects and uses the necessary authorization objects, avoiding excessive validations in the system and thereby improving performance.  Facilitates functional communication between security or the authorization administrator and end users or consultants.  Makes defining and maintaining authorization profiles easier.
Configuring PFCG Beforeusing the PFGC for the first time, there are 4 steps that are required to configure and work with PFCG Tool. 1) Activate the PFCG  Based on Instance Profile parameter “auth/no_check_in_some_cases=y  2) Set Up the Initial Copy of Profile Generator Configuration Tables (T-Code SU25)  Transfer the SAP transactions and authorization objects from SAP tables USOBT and USOBX to customer USOBT_C and USOBX_C.  You can then maintain these tables using T-Code SU24.
 Table USOBT includes the relation between the transactions and the authorization objects. 3) Maintain the Scope of Authorizations Object Checks in Transactions (T-Code SU24)  This is not a mandatory step, but can be used by customers to maintain their own authorizationobjects to custom transactions. 4) Generate the Company Menu  Generate the SAP Standard menu and then the company menu.
Create Roles 1. Choose the pushbutton Create role or the transaction PFCG in the initial transaction SAP Easy Access. You go to the role maintenance. 2. Specify a name for the role. The roles delivered by SAP have the prefix 'SAP_'. Do not use the SAP namespace for your user roles. 3. SAP does not distinguish between the names of simple and composite roles. You should adopt your own naming convention to distinguish between simple and composite roles. 4. Choose Create.
5. Enter a meaningful role description text. You can describe the activities in the role in detail. To assign Knowledge Warehouse documentation to the role, choose Utilities ® Info object ® Assign. The user of the role can then display the documentation.
MENU TAB 2. Assign transactions, programs and/or web addresses to the role in the MENU tab. The user menu which you create here is called automatically when the user to whom this role is assigned logs on to the SAP System. You can create the authorizations for the transactions in the role menu structure in the AUTHORIZATIONS tab.
MENU
SAP Menu You can copy complete menu branches from the SAP menu by clicking on the cross in front of it in the user menu. Expand the menu branch if you want to put lower-level nodes or individual transactions/programs in the user menu.
ABAB REPORT  Choose a report and a variant. You can skip the selection screen.  You can generate a transaction code automaticallyand copy the report description by setting checkboxes.   Save and Move to Authorizations Tab.
Generating Authorizations  To create authorizationsfor a role, choose AUTHORIZATIONS in the role maintenance.  The AUTHORIZATIONS tab displays creation and change information as well as information on the authorization profile (includingthe profile name, profile text and status).  Click on the change authorization
Choose Change Authorization Data 1. Choose the menu Click on the expand menu go to the respective authorization object and check the activity field assign the activity to be performed. 2. Save.
Assign Profile Name  Save the Profile and Click on Generate  You will be prompted with Default System generated Profile Name  You can keep this or you can change the Name of the Profile  Once Generated You can assign the profile to Users.
ASSIGN PROFILES TO USERS  Assign Profile to USERS  Comparing the new profile with existing profiles by using USER COMPARISION  Old profile is overwritten by new profile.  Save
MiniApps  MiniApps for the role   MiniApps are simple intuitive Web applications. The assignment of MiniApps to a role determines which MiniApps the user sees in his or her mySAP Workplace.   Save and Exit
CONCLUSION It sounds complicated , but once you start working with authorizations, it's pretty easy.
About Approva  Founded in 2001, Approva Corporation provides enterprise controls management software that enables Finance, IT, and 
Audit to automate and strengthen business controls. Approva’s software product, BizRights, enables companies to perform:
Approva Provides Approva provides enterprise controls management software that enables Business, Finance, IT and Audit to automate and strengthen business controls.
On-Demand Testing Closed-Loop Remediation Continuous Exception- Based Monitoring
What Is BizRights? BizRights is a web-based, cross-application, cross-platformenterprise controls application. This means that BizRights can monitor security and transactionaldata from any ERP system or platform, as well as multiple systems and platforms. Examples of what BizRights can tell you: If the same user performed the same transactions in two different SAP clients If user profiles for SAP and Oracle create a security risk or SegregationofDuties (SoD)violation If a user performed sensitive transactions that should be monitored If a user changedMasterData records
If a SAP client is configured to reduce risk If transactions were performed of an unusually high monetary value, such as purchase orders that exceeda million dollars What your business is doing, according to your business rules BizRights can monitor millions of records and thousands of transactions any time you want, as often as you want. BizRights is designedfor functional business professionals as wellas technical specialists, including: FinancialAuditors, Internal Controls staff, Compliance staff, Business Process Owners, IT Security Auditors, External Auditors More than just finding and fixing SoD violations, BizRights can monitorbusiness process transactions, including Procure-to-Pay, Financial Close, Order-to-Cash, and Payroll.
Segregation of Duties  Segregation of duties is a basic, key internal control and one of the most difficult to achieve. It is used to ensure that errors or irregularities are prevented or detected on a timely basis by employees in the normal course of business. Segregation of duties provides two benefits: 1) a deliberate fraud is more difficult because it requires collusion of two or more persons, and 2) it is much more likely that innocent errors will be found. At the most basic level, it means that
no single individual should have control over two or more phases of a transaction or operation. Management should assign responsibilities to ensure a crosscheck of duties.
CATEGORIES There are four general categories of duties or responsibilities which are examined when segregation of duties are discussed: authorization, custody, record keeping and reconciliation. In an ideal system, different employees would perform each of these four major functions. In other words, no one person should have control of two or more of
these responsibilities. The more negotiable the asset, the greater the need for proper segregation of duties - especially when dealing with cash, negotiable checks and inventories
Authorization Authorization: the process of reviewing and approving transactions or operations. Some examples are: > Verifying cash collections and daily balancing reports.
> Approving purchase requisitions or purchase orders. > Approving time sheets, payroll certifications, leave requests and cumulative leave records. > Approving change orders, computer system design or programming changes.
Custody Having access to or control over any physical asset such as cash, checks, equipment, supplies, or materials. Some examples are: Access to any funds through the collectionof funds, or processingof payments.
> Access to safes, lock boxes, file cabinets or other places where money, checks or other assets are stored. > Custodianof a petty cash or change fund. > Receivingany goods or services. > Maintaining inventories. > Handlingor distributingpaychecks/advices, limited purchasechecks or other checks.
Record Keeping The process of creating and maintainingrecords of revenues, expenditures, inventories, and personnel transactions. These may be manual records or records maintainedin automatedcomputer systems. Some examples are:
> Preparingcash receipt back-ups or billings, purchase requisitions, payroll certifications, and leave records. > Entering charges or posting payments to an accounts receivablesystem. > Maintaining inventoryrecords.
Reconciliation Verifying the processing or recording of transactionsto ensure that all transactionsare valid, properlyauthorized and properlyrecorded on a timely basis. This includesfollowing up on any differences or discrepancies identified. Examples are: > Comparing billing documentsto billing summaries. > Comparing funds collectedto accountsreceivable postings.
> Comparing collectionsto deposits. > Performing surprise counts of funds. > Comparing payroll certifications to payroll summaries. > Performing physical inventory counts. > Comparing inventory changes to amounts purchased and sold. > Reconciling departmental records of revenue, expenditure, and payroll transactionsto the PeopleSoft management reports.
Pleasecontact
Ad

Recommended

SAP Security important Questions
SAP Security important QuestionsSAP Security important Questions
SAP Security important Questions
Ragu M
 
Sap security-administration
Sap security-administrationSap security-administration
Sap security-administration
nanda nanda
 
SAP SECURITY GRC
SAP SECURITY GRCSAP SECURITY GRC
SAP SECURITY GRC
techgurusuresh
 
SAP Security & GRC Framework
SAP Security & GRC FrameworkSAP Security & GRC Framework
SAP Security & GRC Framework
Harish Sharma
 
Sap Mm
Sap MmSap Mm
Sap Mm
Ravi Jain
 
SAP GRC
SAP GRC SAP GRC
SAP GRC
Kellton Tech Solutions Ltd
 
Sap Implementation Presentation
Sap Implementation PresentationSap Implementation Presentation
Sap Implementation Presentation
larrymcc
 
Concepts of cutover planning and management
Concepts of cutover planning and managementConcepts of cutover planning and management
Concepts of cutover planning and management
Sanjay Choubey
 
Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP Security
Nasir Gondal
 
Authorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.infoAuthorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.info
sapdocs. info
 
Practical guide for sap security
Practical guide for sap security Practical guide for sap security
Practical guide for sap security
Siva Pradeep Bolisetti
 
Introduction on sap security
Introduction on sap securityIntroduction on sap security
Introduction on sap security
yektek
 
Sap security interview question & answers
Sap security interview question & answersSap security interview question & answers
Sap security interview question & answers
Nancy Nelida
 
Iia los angeles sap security presentation
Iia los angeles sap security presentation Iia los angeles sap security presentation
Iia los angeles sap security presentation
hkodali
 
Sap security tasks
Sap security tasksSap security tasks
Sap security tasks
Siva Pradeep Bolisetti
 
sap security interview_questions
sap security interview_questionssap security interview_questions
sap security interview_questions
sumitmsn2
 
SAP Security interview questions
SAP Security interview questionsSAP Security interview questions
SAP Security interview questions
Siva Pradeep Bolisetti
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
grconlinetraining
 
Sap Security Workshop
Sap Security WorkshopSap Security Workshop
Sap Security Workshop
larrymcc
 
165373293 sap-security-q
165373293 sap-security-q165373293 sap-security-q
165373293 sap-security-q
Anywhere Gondodza SAP.GRC.FI.B.COM.ACC.HONS (MSU)
 
SAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceSAP Governance,Risk and Compliance
SAP Governance,Risk and Compliance
TLI GrowthSession
 
SU01 - Background and Instruction
SU01 - Background and InstructionSU01 - Background and Instruction
SU01 - Background and Instruction
Mart Leepin
 
SAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM WorkflowsSAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM Workflows
Rohan Andrews
 
SAP GRC 10 Access Control
SAP GRC 10 Access ControlSAP GRC 10 Access Control
SAP GRC 10 Access Control
Nasir Gondal
 
Anil kumar sap security & GRC
Anil kumar sap security & GRCAnil kumar sap security & GRC
Anil kumar sap security & GRC
Anil Kumar
 
Authorisations in SAP: best practices
Authorisations in SAP: best practicesAuthorisations in SAP: best practices
Authorisations in SAP: best practices
Jonathan Eemans
 
Anil kumar sap security and grc consultant
Anil kumar sap security and grc consultantAnil kumar sap security and grc consultant
Anil kumar sap security and grc consultant
Anil Kumar
 
SAP ADMINISTRATION
SAP ADMINISTRATIONSAP ADMINISTRATION
SAP ADMINISTRATION
Aly Adel
 
Upgrade to sap ecc 6 from short overview
Upgrade to sap ecc 6 from short overviewUpgrade to sap ecc 6 from short overview
Upgrade to sap ecc 6 from short overview
H.C. Chen
 
Sap security for audit seminar
Sap security for audit seminarSap security for audit seminar
Sap security for audit seminar
Amit Gupta
 
Ad

More Related Content

What's hot (20)

Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP Security
Nasir Gondal
 
Authorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.infoAuthorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.info
sapdocs. info
 
Practical guide for sap security
Practical guide for sap security Practical guide for sap security
Practical guide for sap security
Siva Pradeep Bolisetti
 
Introduction on sap security
Introduction on sap securityIntroduction on sap security
Introduction on sap security
yektek
 
Sap security interview question & answers
Sap security interview question & answersSap security interview question & answers
Sap security interview question & answers
Nancy Nelida
 
Iia los angeles sap security presentation
Iia los angeles sap security presentation Iia los angeles sap security presentation
Iia los angeles sap security presentation
hkodali
 
Sap security tasks
Sap security tasksSap security tasks
Sap security tasks
Siva Pradeep Bolisetti
 
sap security interview_questions
sap security interview_questionssap security interview_questions
sap security interview_questions
sumitmsn2
 
SAP Security interview questions
SAP Security interview questionsSAP Security interview questions
SAP Security interview questions
Siva Pradeep Bolisetti
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
grconlinetraining
 
Sap Security Workshop
Sap Security WorkshopSap Security Workshop
Sap Security Workshop
larrymcc
 
165373293 sap-security-q
165373293 sap-security-q165373293 sap-security-q
165373293 sap-security-q
Anywhere Gondodza SAP.GRC.FI.B.COM.ACC.HONS (MSU)
 
SAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceSAP Governance,Risk and Compliance
SAP Governance,Risk and Compliance
TLI GrowthSession
 
SU01 - Background and Instruction
SU01 - Background and InstructionSU01 - Background and Instruction
SU01 - Background and Instruction
Mart Leepin
 
SAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM WorkflowsSAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM Workflows
Rohan Andrews
 
SAP GRC 10 Access Control
SAP GRC 10 Access ControlSAP GRC 10 Access Control
SAP GRC 10 Access Control
Nasir Gondal
 
Anil kumar sap security & GRC
Anil kumar sap security & GRCAnil kumar sap security & GRC
Anil kumar sap security & GRC
Anil Kumar
 
Authorisations in SAP: best practices
Authorisations in SAP: best practicesAuthorisations in SAP: best practices
Authorisations in SAP: best practices
Jonathan Eemans
 
Anil kumar sap security and grc consultant
Anil kumar sap security and grc consultantAnil kumar sap security and grc consultant
Anil kumar sap security and grc consultant
Anil Kumar
 
SAP ADMINISTRATION
SAP ADMINISTRATIONSAP ADMINISTRATION
SAP ADMINISTRATION
Aly Adel
 
Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP Security
Nasir Gondal
 
Authorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.infoAuthorisation Concept In SAP | http://sapdocs.info
Authorisation Concept In SAP | http://sapdocs.info
sapdocs. info
 
Practical guide for sap security
Practical guide for sap security Practical guide for sap security
Practical guide for sap security
Siva Pradeep Bolisetti
 
Introduction on sap security
Introduction on sap securityIntroduction on sap security
Introduction on sap security
yektek
 
Sap security interview question & answers
Sap security interview question & answersSap security interview question & answers
Sap security interview question & answers
Nancy Nelida
 
Iia los angeles sap security presentation
Iia los angeles sap security presentation Iia los angeles sap security presentation
Iia los angeles sap security presentation
hkodali
 
Sap security tasks
Sap security tasksSap security tasks
Sap security tasks
Siva Pradeep Bolisetti
 
sap security interview_questions
sap security interview_questionssap security interview_questions
sap security interview_questions
sumitmsn2
 
SAP Security interview questions
SAP Security interview questionsSAP Security interview questions
SAP Security interview questions
Siva Pradeep Bolisetti
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
grconlinetraining
 
Sap Security Workshop
Sap Security WorkshopSap Security Workshop
Sap Security Workshop
larrymcc
 
165373293 sap-security-q
165373293 sap-security-q165373293 sap-security-q
165373293 sap-security-q
Anywhere Gondodza SAP.GRC.FI.B.COM.ACC.HONS (MSU)
 
SAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceSAP Governance,Risk and Compliance
SAP Governance,Risk and Compliance
TLI GrowthSession
 
SU01 - Background and Instruction
SU01 - Background and InstructionSU01 - Background and Instruction
SU01 - Background and Instruction
Mart Leepin
 
SAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM WorkflowsSAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM Workflows
Rohan Andrews
 
SAP GRC 10 Access Control
SAP GRC 10 Access ControlSAP GRC 10 Access Control
SAP GRC 10 Access Control
Nasir Gondal
 
Anil kumar sap security & GRC
Anil kumar sap security & GRCAnil kumar sap security & GRC
Anil kumar sap security & GRC
Anil Kumar
 
Authorisations in SAP: best practices
Authorisations in SAP: best practicesAuthorisations in SAP: best practices
Authorisations in SAP: best practices
Jonathan Eemans
 
Anil kumar sap security and grc consultant
Anil kumar sap security and grc consultantAnil kumar sap security and grc consultant
Anil kumar sap security and grc consultant
Anil Kumar
 
SAP ADMINISTRATION
SAP ADMINISTRATIONSAP ADMINISTRATION
SAP ADMINISTRATION
Aly Adel
 

Viewers also liked (14)

Upgrade to sap ecc 6 from short overview
Upgrade to sap ecc 6 from short overviewUpgrade to sap ecc 6 from short overview
Upgrade to sap ecc 6 from short overview
H.C. Chen
 
Sap security for audit seminar
Sap security for audit seminarSap security for audit seminar
Sap security for audit seminar
Amit Gupta
 
SAP security made easy
SAP security made easySAP security made easy
SAP security made easy
ERPScan
 
64716tms
64716tms64716tms
64716tms
hithendranunna
 
Sap Net Weaver Ourview
Sap Net Weaver OurviewSap Net Weaver Ourview
Sap Net Weaver Ourview
guest2e979d
 
Sap Change And Transport Management
Sap Change And Transport ManagementSap Change And Transport Management
Sap Change And Transport Management
Ravi Jain
 
Implementing SAP security in 5 steps
Implementing SAP security in 5 stepsImplementing SAP security in 5 steps
Implementing SAP security in 5 steps
ERPScan
 
Quick Walk Through -SAP Transportation Management.How It Is Beneficial?
Quick Walk Through -SAP Transportation Management.How It Is Beneficial?Quick Walk Through -SAP Transportation Management.How It Is Beneficial?
Quick Walk Through -SAP Transportation Management.How It Is Beneficial?
Anjali Rao
 
Transportation in sap
Transportation in sapTransportation in sap
Transportation in sap
shantdey
 
Internet Security
Internet SecurityInternet Security
Internet Security
Chris Rodgers
 
SAP HR - PPT
SAP HR - PPTSAP HR - PPT
SAP HR - PPT
saiprasadbagrecha
 
SAP Transport System; Step-by-step guide from concept to practical
SAP Transport System; Step-by-step guide from concept to practicalSAP Transport System; Step-by-step guide from concept to practical
SAP Transport System; Step-by-step guide from concept to practical
Nasir Gondal
 
SAP - Transportation Module Study material
SAP - Transportation Module Study materialSAP - Transportation Module Study material
SAP - Transportation Module Study material
Minda Industries Ltd, SAP centre
 
99 Facts on the Future of Business in the Digital Economy
99 Facts on the Future of Business in the Digital Economy99 Facts on the Future of Business in the Digital Economy
99 Facts on the Future of Business in the Digital Economy
removed_98c8d4827eb0208c4db118838b8f6010
 
Upgrade to sap ecc 6 from short overview
Upgrade to sap ecc 6 from short overviewUpgrade to sap ecc 6 from short overview
Upgrade to sap ecc 6 from short overview
H.C. Chen
 
Sap security for audit seminar
Sap security for audit seminarSap security for audit seminar
Sap security for audit seminar
Amit Gupta
 
SAP security made easy
SAP security made easySAP security made easy
SAP security made easy
ERPScan
 
64716tms
64716tms64716tms
64716tms
hithendranunna
 
Sap Net Weaver Ourview
Sap Net Weaver OurviewSap Net Weaver Ourview
Sap Net Weaver Ourview
guest2e979d
 
Sap Change And Transport Management
Sap Change And Transport ManagementSap Change And Transport Management
Sap Change And Transport Management
Ravi Jain
 
Implementing SAP security in 5 steps
Implementing SAP security in 5 stepsImplementing SAP security in 5 steps
Implementing SAP security in 5 steps
ERPScan
 
Quick Walk Through -SAP Transportation Management.How It Is Beneficial?
Quick Walk Through -SAP Transportation Management.How It Is Beneficial?Quick Walk Through -SAP Transportation Management.How It Is Beneficial?
Quick Walk Through -SAP Transportation Management.How It Is Beneficial?
Anjali Rao
 
Transportation in sap
Transportation in sapTransportation in sap
Transportation in sap
shantdey
 
Internet Security
Internet SecurityInternet Security
Internet Security
Chris Rodgers
 
SAP HR - PPT
SAP HR - PPTSAP HR - PPT
SAP HR - PPT
saiprasadbagrecha
 
SAP Transport System; Step-by-step guide from concept to practical
SAP Transport System; Step-by-step guide from concept to practicalSAP Transport System; Step-by-step guide from concept to practical
SAP Transport System; Step-by-step guide from concept to practical
Nasir Gondal
 
SAP - Transportation Module Study material
SAP - Transportation Module Study materialSAP - Transportation Module Study material
SAP - Transportation Module Study material
Minda Industries Ltd, SAP centre
 
99 Facts on the Future of Business in the Digital Economy
99 Facts on the Future of Business in the Digital Economy99 Facts on the Future of Business in the Digital Economy
99 Facts on the Future of Business in the Digital Economy
removed_98c8d4827eb0208c4db118838b8f6010
 
Ad

Similar to What is sap security (20)

Sap basis and_security_administration
Sap basis and_security_administrationSap basis and_security_administration
Sap basis and_security_administration
Anil Kumar Reddy Cheppalli
 
Salesforce Spring 14 Release Developer Overview
Salesforce Spring 14 Release Developer OverviewSalesforce Spring 14 Release Developer Overview
Salesforce Spring 14 Release Developer Overview
Roy Gilad
 
CRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.doc
CRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.docCRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.doc
CRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.doc
KrisStone4
 
96593102 sap-cs
96593102 sap-cs96593102 sap-cs
96593102 sap-cs
nvsvijay
 
Oracle_Procurement_Cloud_Release_8_Whats_New
Oracle_Procurement_Cloud_Release_8_Whats_NewOracle_Procurement_Cloud_Release_8_Whats_New
Oracle_Procurement_Cloud_Release_8_Whats_New
Khalil Rehman NLP (MPrac) MCIPS, PMP,OCP
 
Day5 R3 Basis Security
Day5 R3 Basis SecurityDay5 R3 Basis Security
Day5 R3 Basis Security
Guang Ying Yuan
 
Client Actions In Odoo 17 - Odoo 17 Slides
Client Actions In Odoo 17 - Odoo 17 SlidesClient Actions In Odoo 17 - Odoo 17 Slides
Client Actions In Odoo 17 - Odoo 17 Slides
Celine George
 
Hr structural auths
Hr structural authsHr structural auths
Hr structural auths
hkodali
 
R12 MOAC AND PAYABLES
R12 MOAC AND PAYABLESR12 MOAC AND PAYABLES
R12 MOAC AND PAYABLES
Amit Chintawar
 
Oracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentOracle Human Capital Management Setup Document
Oracle Human Capital Management Setup Document
Rajendra Gudla
 
CSI Authorization Auditor 2014 Brochure
CSI Authorization Auditor 2014 BrochureCSI Authorization Auditor 2014 Brochure
CSI Authorization Auditor 2014 Brochure
CSI tools
 
SAP BASIS Training in Chennai
SAP BASIS Training in ChennaiSAP BASIS Training in Chennai
SAP BASIS Training in Chennai
Thecreating Experts
 
ORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERS
ORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERSORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERS
ORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERS
IQ Online Training
 
Salesforce.com Winter '14 Release Overview
Salesforce.com Winter '14 Release Overview Salesforce.com Winter '14 Release Overview
Salesforce.com Winter '14 Release Overview
Sumitkumar Shingavi
 
Winter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfWinter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdf
Anna Loughnan Colquhoun
 
OTech magazine article - Principle of Least Privilege
OTech magazine article - Principle of Least PrivilegeOTech magazine article - Principle of Least Privilege
OTech magazine article - Principle of Least Privilege
Biju Thomas
 
Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...
Kranthi Kumar
 
Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...
Rajeev Kumar
 
9180 skamath wp_1
9180 skamath wp_19180 skamath wp_1
9180 skamath wp_1
Dola Peddireddy
 
Open sap ui51_week_2_unit_3_acdt_exercises
Open sap ui51_week_2_unit_3_acdt_exercisesOpen sap ui51_week_2_unit_3_acdt_exercises
Open sap ui51_week_2_unit_3_acdt_exercises
vikram sukumar
 
Sap basis and_security_administration
Sap basis and_security_administrationSap basis and_security_administration
Sap basis and_security_administration
Anil Kumar Reddy Cheppalli
 
Salesforce Spring 14 Release Developer Overview
Salesforce Spring 14 Release Developer OverviewSalesforce Spring 14 Release Developer Overview
Salesforce Spring 14 Release Developer Overview
Roy Gilad
 
CRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.doc
CRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.docCRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.doc
CRM WebClient UI for Interaction Center_C4H_CRM702_BB_ConfigGuide_EN_XX.doc
KrisStone4
 
96593102 sap-cs
96593102 sap-cs96593102 sap-cs
96593102 sap-cs
nvsvijay
 
Oracle_Procurement_Cloud_Release_8_Whats_New
Oracle_Procurement_Cloud_Release_8_Whats_NewOracle_Procurement_Cloud_Release_8_Whats_New
Oracle_Procurement_Cloud_Release_8_Whats_New
Khalil Rehman NLP (MPrac) MCIPS, PMP,OCP
 
Day5 R3 Basis Security
Day5 R3 Basis SecurityDay5 R3 Basis Security
Day5 R3 Basis Security
Guang Ying Yuan
 
Client Actions In Odoo 17 - Odoo 17 Slides
Client Actions In Odoo 17 - Odoo 17 SlidesClient Actions In Odoo 17 - Odoo 17 Slides
Client Actions In Odoo 17 - Odoo 17 Slides
Celine George
 
Hr structural auths
Hr structural authsHr structural auths
Hr structural auths
hkodali
 
R12 MOAC AND PAYABLES
R12 MOAC AND PAYABLESR12 MOAC AND PAYABLES
R12 MOAC AND PAYABLES
Amit Chintawar
 
Oracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentOracle Human Capital Management Setup Document
Oracle Human Capital Management Setup Document
Rajendra Gudla
 
CSI Authorization Auditor 2014 Brochure
CSI Authorization Auditor 2014 BrochureCSI Authorization Auditor 2014 Brochure
CSI Authorization Auditor 2014 Brochure
CSI tools
 
SAP BASIS Training in Chennai
SAP BASIS Training in ChennaiSAP BASIS Training in Chennai
SAP BASIS Training in Chennai
Thecreating Experts
 
ORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERS
ORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERSORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERS
ORACLE FUSION FINANCIAL CLOUD FEATURES - CREATING IMPLEMENTATION USERS
IQ Online Training
 
Salesforce.com Winter '14 Release Overview
Salesforce.com Winter '14 Release Overview Salesforce.com Winter '14 Release Overview
Salesforce.com Winter '14 Release Overview
Sumitkumar Shingavi
 
Winter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdfWinter24-Welly Release Overview - Stephen Stanley.pdf
Winter24-Welly Release Overview - Stephen Stanley.pdf
Anna Loughnan Colquhoun
 
OTech magazine article - Principle of Least Privilege
OTech magazine article - Principle of Least PrivilegeOTech magazine article - Principle of Least Privilege
OTech magazine article - Principle of Least Privilege
Biju Thomas
 
Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...
Kranthi Kumar
 
Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...Fi enhancement technique how-to-guide on the usage of business transaction ...
Fi enhancement technique how-to-guide on the usage of business transaction ...
Rajeev Kumar
 
9180 skamath wp_1
9180 skamath wp_19180 skamath wp_1
9180 skamath wp_1
Dola Peddireddy
 
Open sap ui51_week_2_unit_3_acdt_exercises
Open sap ui51_week_2_unit_3_acdt_exercisesOpen sap ui51_week_2_unit_3_acdt_exercises
Open sap ui51_week_2_unit_3_acdt_exercises
vikram sukumar
 
Ad

Recently uploaded (20)

Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYUNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
DR.PRISCILLA MARY J
 
Studying Drama: Definition, types and elements
Studying Drama: Definition, types and elementsStudying Drama: Definition, types and elements
Studying Drama: Definition, types and elements
AbdelFattahAdel2
 
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Library Association of Ireland
 
High Performance Liquid Chromatography .pptx
High Performance Liquid Chromatography .pptxHigh Performance Liquid Chromatography .pptx
High Performance Liquid Chromatography .pptx
Ayush Srivastava
 
Unit 5: Dividend Decisions and its theories
Unit 5: Dividend Decisions and its theoriesUnit 5: Dividend Decisions and its theories
Unit 5: Dividend Decisions and its theories
bharath321164
 
Envenomation---Clinical Toxicology. pptx
Envenomation---Clinical Toxicology. pptxEnvenomation---Clinical Toxicology. pptx
Envenomation---Clinical Toxicology. pptx
rekhapositivity
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
How to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of saleHow to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of sale
Celine George
 
Unit 4: Long term- Capital budgeting and its types
Unit 4: Long term- Capital budgeting and its typesUnit 4: Long term- Capital budgeting and its types
Unit 4: Long term- Capital budgeting and its types
bharath321164
 
To study Digestive system of insect.pptx
To study Digestive system of insect.pptxTo study Digestive system of insect.pptx
To study Digestive system of insect.pptx
Arshad Shaikh
 
Metamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative JourneyMetamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative Journey
Arshad Shaikh
 
New Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptxNew Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptx
milanasargsyan5
 
Presentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem KayaPresentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem Kaya
MIPLM
 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
 
One Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learningOne Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learning
momer9505
 
Understanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s GuideUnderstanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s Guide
GS Virdi
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYUNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
DR.PRISCILLA MARY J
 
Studying Drama: Definition, types and elements
Studying Drama: Definition, types and elementsStudying Drama: Definition, types and elements
Studying Drama: Definition, types and elements
AbdelFattahAdel2
 
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Library Association of Ireland
 
High Performance Liquid Chromatography .pptx
High Performance Liquid Chromatography .pptxHigh Performance Liquid Chromatography .pptx
High Performance Liquid Chromatography .pptx
Ayush Srivastava
 
Unit 5: Dividend Decisions and its theories
Unit 5: Dividend Decisions and its theoriesUnit 5: Dividend Decisions and its theories
Unit 5: Dividend Decisions and its theories
bharath321164
 
Envenomation---Clinical Toxicology. pptx
Envenomation---Clinical Toxicology. pptxEnvenomation---Clinical Toxicology. pptx
Envenomation---Clinical Toxicology. pptx
rekhapositivity
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
How to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of saleHow to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of sale
Celine George
 
Unit 4: Long term- Capital budgeting and its types
Unit 4: Long term- Capital budgeting and its typesUnit 4: Long term- Capital budgeting and its types
Unit 4: Long term- Capital budgeting and its types
bharath321164
 
To study Digestive system of insect.pptx
To study Digestive system of insect.pptxTo study Digestive system of insect.pptx
To study Digestive system of insect.pptx
Arshad Shaikh
 
Metamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative JourneyMetamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative Journey
Arshad Shaikh
 
New Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptxNew Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptx
milanasargsyan5
 
Presentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem KayaPresentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem Kaya
MIPLM
 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
 
One Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learningOne Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learning
momer9505
 
Understanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s GuideUnderstanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s Guide
GS Virdi
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-26-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 

What is sap security

  • 2.  Security   SAP Security Components   Security Solution Map   Access control concepts   PFCG   Conclusion
  • 6. An Overview of R/3 Security Services
  • 7. Access control in SAP is composed of several concepts  Program code   Authorization fields   ACTIVITY   COMPANY_CODE   Authorization objects   Authorizations
  • 9. Program Code That calls an authorization check using the authority-check statement. This will look something like  authority-check object id field Authorization fields: That define a scope of possible values. Examples of authorization fields would be   ACTIVITY: defines the type of activity the user is doing with the data. Possible values are 'DISPLAY', 'MODIFY', 'DELETE', etc.   COMPANY_CODE: possible values are any single value, or any range of values, or any combination thereof such as '0438' and '0600' thru '1100'
  • 10. Authorization fields Authorization fields: That define a scope of possible values. Examples of authorization fields would be ACTIVITY: defines the type of activity the user is doing with the data. Possible values are 'DISPLAY', 'MODIFY', 'DELETE', etc. COMPANY_CODE: possible values are any single value, or any range of values, or any combination thereof such as '0438' and '0600' thru '1100'
  • 11. Authorization objects Authorization objects that define a group of fields. For example, an authorization object called 'CO_MDATA', containing fields ACTIVITY and COMPANY_CODE, might used to control access to the company master data tables.
  • 12. Authorizations Authorizations, each of which belong to exactly one authorization object, that define authorizationvalues (within the scopes defined by the authorizationobjects) to be granted to users. Note that an authorization is different from an authorizationobject!! Extending our previous examples, we might have an authorization, belonging to the authorizationobject 'CO_MDATA',called 'CO_MDATA_ALL', that grants all access to all company master data. Then 'CO_MDATA_ALL'would have the following values: FIELD VALUE ACTIVITY * COMPANY_CODE *
  • 13. Profiles 1. Profiles, each of which may contain several authorizations or profiles. A simple profile contains a group of authorizations. A composite profile contains a group of profiles (simple or composite). [Profiles can be conceptualized as forming the structure of a tree, in which end nodes (leaves) are authorizations, and all other nodes are profiles. Simple profiles are nodes whose children are all end nodes, and composite profiles are nodes, other than end nodes, who have no end nodes for children.]  Profiles are designed to define set or one or more functions or positions. For example, a functional profile might define all the authorizations that are required for doing a goods receipt, or for making a payment in the AP module. A position profile, on the other hand, might define all of the authorizations that are granted to an accountant, or to a warehouse supervisor. Often, a position profile is a composite profile consisting of several functional profiles.
  • 14. Roles Roles are collectionsof activities which allow a user to use one or more business scenarios of an organization. According to the standard SAP role concept,roles containingaccess rights are assigned to users. These authorizationsare then checked when the user performs certain actions, such as starting a transaction. Assigning a Standard Role to a User Changing Standard Roles Creating Composite Roles Note: The term activity group was replaced with the term role in SAP R/3 Release 4.6C.
  • 15. Composite roles  Composite roles can simplify the user administration.  They consist of single roles. Users who are assigned a composite role are automatically assigned the associated single roles during the compare. Composite roles do not themselves contain authorization data.  Setting up composite roles are useful for example if some of your users need authorization for several roles. You can create a composite role and assign it to the users instead of putting each user in each required single role.
  • 16. Derive Roles Derive Roles: There are two possible reasons for deriving a role from an existing role:  The role menus are identical but the authorizations for the menu actions are different in the derived role.   The menu and authorizations of the derived role are identical, but the organizational levels are different in the derived role.
  • 17. What is PFCG  The Profile Generator is a SAP tool.  Can be used to automatically create profiles and assign them easily to users.  Only selects and uses the necessary authorization objects, avoiding excessive validations in the system and thereby improving performance.  Facilitates functional communication between security or the authorization administrator and end users or consultants.  Makes defining and maintaining authorization profiles easier.
  • 18. Configuring PFCG Beforeusing the PFGC for the first time, there are 4 steps that are required to configure and work with PFCG Tool. 1) Activate the PFCG  Based on Instance Profile parameter “auth/no_check_in_some_cases=y  2) Set Up the Initial Copy of Profile Generator Configuration Tables (T-Code SU25)  Transfer the SAP transactions and authorization objects from SAP tables USOBT and USOBX to customer USOBT_C and USOBX_C.  You can then maintain these tables using T-Code SU24.
  • 19.  Table USOBT includes the relation between the transactions and the authorization objects. 3) Maintain the Scope of Authorizations Object Checks in Transactions (T-Code SU24)  This is not a mandatory step, but can be used by customers to maintain their own authorizationobjects to custom transactions. 4) Generate the Company Menu  Generate the SAP Standard menu and then the company menu.
  • 20. Create Roles 1. Choose the pushbutton Create role or the transaction PFCG in the initial transaction SAP Easy Access. You go to the role maintenance. 2. Specify a name for the role. The roles delivered by SAP have the prefix 'SAP_'. Do not use the SAP namespace for your user roles. 3. SAP does not distinguish between the names of simple and composite roles. You should adopt your own naming convention to distinguish between simple and composite roles. 4. Choose Create.
  • 21. 5. Enter a meaningful role description text. You can describe the activities in the role in detail. To assign Knowledge Warehouse documentation to the role, choose Utilities ® Info object ® Assign. The user of the role can then display the documentation.
  • 22. MENU TAB 2. Assign transactions, programs and/or web addresses to the role in the MENU tab. The user menu which you create here is called automatically when the user to whom this role is assigned logs on to the SAP System. You can create the authorizations for the transactions in the role menu structure in the AUTHORIZATIONS tab.
  • 23. MENU
  • 24. SAP Menu You can copy complete menu branches from the SAP menu by clicking on the cross in front of it in the user menu. Expand the menu branch if you want to put lower-level nodes or individual transactions/programs in the user menu.
  • 25. ABAB REPORT  Choose a report and a variant. You can skip the selection screen.  You can generate a transaction code automaticallyand copy the report description by setting checkboxes.   Save and Move to Authorizations Tab.
  • 26. Generating Authorizations  To create authorizationsfor a role, choose AUTHORIZATIONS in the role maintenance.  The AUTHORIZATIONS tab displays creation and change information as well as information on the authorization profile (includingthe profile name, profile text and status).  Click on the change authorization
  • 27. Choose Change Authorization Data 1. Choose the menu Click on the expand menu go to the respective authorization object and check the activity field assign the activity to be performed. 2. Save.
  • 28. Assign Profile Name  Save the Profile and Click on Generate  You will be prompted with Default System generated Profile Name  You can keep this or you can change the Name of the Profile  Once Generated You can assign the profile to Users.
  • 29. ASSIGN PROFILES TO USERS  Assign Profile to USERS  Comparing the new profile with existing profiles by using USER COMPARISION  Old profile is overwritten by new profile.  Save
  • 30. MiniApps  MiniApps for the role   MiniApps are simple intuitive Web applications. The assignment of MiniApps to a role determines which MiniApps the user sees in his or her mySAP Workplace.   Save and Exit
  • 31. CONCLUSION It sounds complicated , but once you start working with authorizations, it's pretty easy.
  • 32. About Approva  Founded in 2001, Approva Corporation provides enterprise controls management software that enables Finance, IT, and 
  • 33. Audit to automate and strengthen business controls. Approva’s software product, BizRights, enables companies to perform:
  • 34. Approva Provides Approva provides enterprise controls management software that enables Business, Finance, IT and Audit to automate and strengthen business controls.
  • 36. What Is BizRights? BizRights is a web-based, cross-application, cross-platformenterprise controls application. This means that BizRights can monitor security and transactionaldata from any ERP system or platform, as well as multiple systems and platforms. Examples of what BizRights can tell you: If the same user performed the same transactions in two different SAP clients If user profiles for SAP and Oracle create a security risk or SegregationofDuties (SoD)violation If a user performed sensitive transactions that should be monitored If a user changedMasterData records
  • 37. If a SAP client is configured to reduce risk If transactions were performed of an unusually high monetary value, such as purchase orders that exceeda million dollars What your business is doing, according to your business rules BizRights can monitor millions of records and thousands of transactions any time you want, as often as you want. BizRights is designedfor functional business professionals as wellas technical specialists, including: FinancialAuditors, Internal Controls staff, Compliance staff, Business Process Owners, IT Security Auditors, External Auditors More than just finding and fixing SoD violations, BizRights can monitorbusiness process transactions, including Procure-to-Pay, Financial Close, Order-to-Cash, and Payroll.
  • 38. Segregation of Duties  Segregation of duties is a basic, key internal control and one of the most difficult to achieve. It is used to ensure that errors or irregularities are prevented or detected on a timely basis by employees in the normal course of business. Segregation of duties provides two benefits: 1) a deliberate fraud is more difficult because it requires collusion of two or more persons, and 2) it is much more likely that innocent errors will be found. At the most basic level, it means that
  • 39. no single individual should have control over two or more phases of a transaction or operation. Management should assign responsibilities to ensure a crosscheck of duties.
  • 40. CATEGORIES There are four general categories of duties or responsibilities which are examined when segregation of duties are discussed: authorization, custody, record keeping and reconciliation. In an ideal system, different employees would perform each of these four major functions. In other words, no one person should have control of two or more of
  • 41. these responsibilities. The more negotiable the asset, the greater the need for proper segregation of duties - especially when dealing with cash, negotiable checks and inventories
  • 42. Authorization Authorization: the process of reviewing and approving transactions or operations. Some examples are: > Verifying cash collections and daily balancing reports.
  • 43. > Approving purchase requisitions or purchase orders. > Approving time sheets, payroll certifications, leave requests and cumulative leave records. > Approving change orders, computer system design or programming changes.
  • 44. Custody Having access to or control over any physical asset such as cash, checks, equipment, supplies, or materials. Some examples are: Access to any funds through the collectionof funds, or processingof payments.
  • 45. > Access to safes, lock boxes, file cabinets or other places where money, checks or other assets are stored. > Custodianof a petty cash or change fund. > Receivingany goods or services. > Maintaining inventories. > Handlingor distributingpaychecks/advices, limited purchasechecks or other checks.
  • 46. Record Keeping The process of creating and maintainingrecords of revenues, expenditures, inventories, and personnel transactions. These may be manual records or records maintainedin automatedcomputer systems. Some examples are:
  • 47. > Preparingcash receipt back-ups or billings, purchase requisitions, payroll certifications, and leave records. > Entering charges or posting payments to an accounts receivablesystem. > Maintaining inventoryrecords.
  • 48. Reconciliation Verifying the processing or recording of transactionsto ensure that all transactionsare valid, properlyauthorized and properlyrecorded on a timely basis. This includesfollowing up on any differences or discrepancies identified. Examples are: > Comparing billing documentsto billing summaries. > Comparing funds collectedto accountsreceivable postings.
  • 49. > Comparing collectionsto deposits. > Performing surprise counts of funds. > Comparing payroll certifications to payroll summaries. > Performing physical inventory counts. > Comparing inventory changes to amounts purchased and sold. > Reconciling departmental records of revenue, expenditure, and payroll transactionsto the PeopleSoft management reports.