Query the Data from an HCM Personnel Root Record
Statistical data of other users
It is best if the persons responsible for the system develop role descriptions with their departments in advance and document them outside SAP SuccessFactors (e.g., as in Fig. 2). In case of queries, they can use this basis to explain exactly why someone has been given a certain authorization. The role descriptions and the report help to work in a DSGVO-compliant manner. Since the report updates automatically, companies have no additional effort to document the changes - one less unloved (and often "forgotten") task.
The user's access to this program is realized by assigning a role that contains the required transaction including the authorization objects to be checked. A role can contain a large number of authorization objects.
Define security policy for users
To calculate the recommendations, you can filter the SAP notes by their productive system, by the SAP solution, and by the applications and components, by the technical system name, and by the time of publication. The recommendation is issued in the following categories: Security-relevant SAP information, information on performance optimisation, HotNews, information on changes in legal regulations, and notes on corrections in the ABAP system.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
At "www.sap-corner.de" you will also find a lot of useful information on the subject of SAP authorizations.
Employees should only be able to access data relevant to their work, country or accounting area in tables? Set up organisational criteria to ensure this.