SWU2 Transactional RFC
What is SAP-BASIS?
What are the requirements and benefits of a modern identity management system (IDM) in the GRContext and what should be taken into account in application processes? Modern companies need to be able to effectively control their employees' access and system permissions to ensure optimal corporate control and monitoring. This need can also be inferred from legal requirements. IDM is the user and permission management within an organisation. These systems are an essential part of the internal control system. This includes the continuous monitoring and allocation of access possibilities as well as the systematic securing of functional separation (SoD - Segregation of Duties) in the IT systems. This is primarily intended to better manage relevant business and financial risks and to prevent criminal acts. The management of user and permission structures must ensure that, when the roles and responsibilities change, the privileges of the employees concerned in the systems are adjusted. Failure to do so will result in a multi-department employee having extensive privileges that can be critical in combination. Trust is good, control is better In order to avoid employees being entitled beyond your area of competence, user data and permissions must be continuously adjusted to the current requirements. It therefore makes sense to regularly carry out a recertification process in which the role owner and the manager sign off in compliance with the four-eye principle that the employee is entitled to the current privileges or may have to be deprived of rights from previous activities. Provisioning as a central function of the IDM Provisioning components form a central function of IDM systems, which provide users with individual access rights for the required IT resources according to their task.
In order to reduce the complexity of the SAP basis operation and to accelerate and simplify the tasks of the SAPBasis and to create free capacities, standardisation and automation of the existing activities is required. Details can be found in chapters 7.7 and 9.5 of the Master's thesis.
SAP Basis Services
Without this provisioning component, adjustments to employee permissions in the respective IT resources would have to be implemented by the relevant system administrators. However, manual provisioning processes are by their very nature a source of errors. If an employee's tasks change, the system administrator should consider all active user accounts when modifying and deleting accounts. A modern IDM system therefore helps companies to keep track of users and their permissions, especially in complex and heterogeneous system landscapes.
At the same time, there is a need to return the solutions to the SAP standard. A collaborative approach between departments and IT technology is required to assess IT technical and business benefits. It is also necessary to check whether the adaptation of business processes to avoid modifications to the implementation may be more effective and therefore more cost-effective. This must be evaluated and decided jointly. As a result, we recommend defining and implementing business standards for creating and maintaining solutions.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
At a technical level, a special BOL query object is passed to the Enterprise Search, which passes the HANA database and performs a search.
The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.
How does SAP Permissions Inheritance work? An inheritance is always about a master object passing certain properties to a derived (sub) object.