Features of the SAP authorization concept
Challenges in authorization management
An SAP security check focuses in particular on the assignment of authorizations. This is what enables users to work with the SAP system in the first place, but it can, under certain circumstances, unintentionally add up to conflicts over the separation of functions or even legally critical authorizations. For this reason, tools for technical analysis must be used regularly to provide the status quo of authorization assignment and thus the basis for optimization.
Only adding an authorization object via SU24 does not automatically result in a check within the transaction. The developer has to include an authorization check exactly for this object in the program code.
Immediate authorization check - SU53
First, consider the transport of your proposed permissions from various development systems to a consolidation system. When you save permission proposal values in transport orders, you will notice that generic entries are used instead of detailed BOMs. These generic entries mark all applications, for example, with TR*..
The four important concepts of SAP security first require a certain amount of effort. They not only have to be coordinated, formulated and made available, but also continuously updated and, above all, actively implemented. Nevertheless, the return on investment is high, because they prepare for all eventualities, provide audit security, and also offer a high level of protection for the SAP system and thus for the company itself.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
TMSADM: The user TMSADM serves the communication between SAP systems in the transport management system and is automatically created in the client 000 when they are configured.
Depending on the requirements and project framework, we also rely on proven software solutions from our partners.