Security RecertificationIn SAP, User Security is managed by assigning Roles/Profiles to Users. In majority of the companies, this is a manual process and even in cases where the security is position based, there are roles/profiles that are assigned manually. The Internal and External Audit teams would require the companies to recertify the security at regular intervals (annual or semiannual). |
|
License Type ManagementIn SAP, all the users must be assigned to a valid license type which will be then used to consolidate the data to send it to SAP for their License Administration. This is a manual process in most of the companies and is fraught with errors. |
|
HR Portal Integrated AccessThe security of HR Portal is based is based on the assignment of groups within the portal. In larger companies, the portal access is integrated with SAP and the LDAP (Active Directory) as well. This is very challenging when coupled with Structural Authorizations, Context Structural, and HR Delegate (Proxy) features. |
|
HR Audit Reporting TreeIn almost all places, auditors look for some critical access that user may have. In a standard environment, these reports can be derived using the transaction code SUIM. But they are not always comprehensive because most auditors look for only limited set of critical accesses thereby leaving a possibility of neglecting some really critical accesses. This reporting tree will give a comprehensive list of reports covering almost every critical area in an SAP environment. |
|