ITS / ITSmobile
Support or substitution of your employees
Constant further development and growing complexity are placing ever-increasing demands on the SAP infrastructure in terms of performance and feasibility. In addition, SAP Basis is the technological driving force for the implementation of new applications and innovations in your business environment.
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
Once the UPL is activated, you can access the usage data as follows: Solution Manager: BW Query 0SM_CCL_UPL_MONTH (other predefined Querys available) Managed System: Report /SDF/SHOW_UPL Based on the UPL's data collection, you can now use additional functionalities of the CCLM to depick, for example, proprietary developments that are unused for a long time. Do you know the UPL of SAP and already use it to gain more information about its existing system landscape?
SAP Basis administration is distinct from other roles such as ABAP developers and consultants who handle architecture. In many companies, the boundaries between administration and development are blurred. Admins may therefore also be involved in the planning and development of the system.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
Now you can repeat the steps for the frontend as explained above.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
You have two options: You will first complete the queue and then the SPAM update.