Error analysis for authorizations (part 1)
Managed Services
On the other hand one can call the system trace over the transaction ST01. Here it is possible to set individual filters for the checks. In addition, you can switch off the trade via the "Trace off" button or the F8 key and switch the trace back on via the "Trace on" button that is then displayed or the F7 key. If you click on the button "Evaluation" or the F2 key, you can display the evaluation.
Since Release 4.6D, the system creates a new folder for each of the roles included in the pulley when rebuilding a Collective Roll menu at the first hierarchy level, and only then the corresponding menu is located. You can decide whether the text of each folder should consist of the technical name or the short text of the role. This function can be disabled by customising.
SIVIS as a Service
The report shows system owners in real time which roles exist in SAP SuccessFactors and which authorizations these roles contain. The report also shows which roles are assigned to which users and whether there are duplicates, for example of groups or authorizations. The user can export this overview at any time.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
The website "www.sap-corner.de" offers a lot of useful information about SAP authorizations.
You should not grant large permissions for the SCC4 and SE06 transactions to internal and external auditors, just so that they can see the system modifiability.