Enterprise risk analysis
Let me show you how EasyReCert can simplify this process. Automatic representation of employees & role assignment Each user of the application automatically receives the employees assigned to him. In the first step, the user verifies the assignment of the employees assigned to him. In the second step, the user is shown the roles of his employees. It is now possible to mark the assignment of the role as correct or incorrect. Understandable explanation of the roles Often roles have no talking names and for the decider it is not clear which specific permissions are behind a role. The tool offers the possibility to provide a description for each role, which is available by pop-in. Looking up which role has which permissions and which is meant for which is completely omitted. Flags & Criticality The tool offers in its options the possibility to set flags for critical roles and highlight them in particular. At a glance, the decision-makers see that one of their employees has a critical role and can examine it carefully. Since roles are classified differently in each company, you are completely free to decide which roles you want to consider critical. Roll Whitelist Do you want to exclude certain roles from the audit? Or do you want to test only critical roles? The tool offers you a whitelist function for this. This whitelist allows you to include roles that you do not want to check in the recertification process. So you completely decide which roles the tool should take into account. Logging of the results The results of the tests are logged via the application log and can be viewed both by SAP standard means and directly by the tool. It is also possible to export the audit logs or add optional comments to the logs later.
I recommend that you schedule the background job PFCG_TIME_DEPENDENCY with the report RHAUTUPD_NEW. Scheduling the RHAUTUPD_NEW report with two variants has proven to be a best practice: Once a day before users log on for the first time (e.g. midnight or very early in the morning). This way the users are synchronized once a day. Once a month (or even once a week) with the option "Perform cleanup", so that obsolete profiles and user mappings are regularly cleaned up. Also handy: If the naming conventions of your roles allow it, you can also align the report according to different time zones. For example, I have a customer who runs the user synchronization for his users in the USA and Asia at different times, so that the daily business of the respective users is not disturbed.
This SAP training covers the introduction/basics of SAP administration. You will learn the basic functions of the SAP system. You will learn the most important administrative tasks, such as user administration and roles, the SAP data transport system, security in the SAP environment, administrative background tasks and system monitoring.
Project successes should also be documented and circulated as success stories of the SAP basis or made available to the SAP basis stakeholders to highlight the importance of the SAP basis. These success stories can be shared from the grassroots or from the outside, for example. Examples include CIO communications or project reports. BENEFITS & CONSEQUENCES The added value of the implementation of the recommendations described above lies in the guaranteed operational stability and operational safety. In addition, a company and in particular an IT organisation with a strong SAP basis receives a competent and sustainable partner for SAP topics and technologies, who is always looking at the SAP picture in general. Furthermore, all business and IT departments are aware of the role and the scope of the SAP basis. This means that you can contact them as the right person in good time. There is a lower risk that certain areas may develop shadow IT related to SAP topics and technologies due to lack of transparency.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
Results: We will discuss the results of SAP Security Check with you.
To ensure high software quality, avoid hidden consequential error costs and consciously plan for a test period instead of the risk of time bottlenecks, a methodical approach should be planned.