Unclear responsibilities, especially between business and IT
How to analyze roles and authorizations in the SAP system
Thanks to the new feature provided with the Support Package mentioned in SAP Note 1847663, it is possible to use trace data from the privilege trace in the SU24 transaction for suggestion value maintenance. The system trace that you can call through the ST01 transaction or the STAUTHTRACE transaction (see also Tip 31, "Optimise Trace Evaluation") is a short-term, client-dependent trace that you can restrict to users or applications.
Increased compliance requirements and the design of internal control systems confront companies with an increasing number of rules on how SAP (and other IT) systems must be technically protected. The SAP authorization concept specifies such legal standards and internal company rules. This ensures that each user only receives the authorizations he or she needs for his or her activities. The business risk can thus be reduced to a minimum.
Standard authorisation
Of course, these objects can be adapted to the requirements of a company at any time. If a new program is required in the namespace of a company, the programmer decides which authorization objects should be checked in this program. If the standard objects do not meet the desired requirements, the programmer can create his own authorization objects that contain the required authorization fields.
It is essential to implement adequate authorization checks in every ABAP development. For this purpose, the so-called AUTHORITY-CHECK is used, which queries the required authorization object characteristics and thus only allows authorized users to execute the code.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
The website www.sap-corner.de offers many useful information about SAP basis.
In the SU53 error excerpt, the first thing that is displayed is the authorization that the user is missing.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
Finally, we want to give you some recommendations for securing file access.