Conquer Context Problems in HR Security

  • by A.J. Whalen, SAP Marketing Director, Velocity Technology Solutions
  • May 15, 2004
When the same HR user is in charge of multiple tasks, conflict problems can occur on the subject of how much authorization to grant the user. The author compares the technical differences between general and structural authorization and how to optimize their usage. He also describes SAP's context-sensitive authorization functionality in R/3 Enterprise Release 4.70.

The changing business climate and restructuring of workforce responsibilities mean that some users are asked to assume more than one role in their organization. Their day-to-day duties might mean they “wear many hats,” each with its own particular needs and restrictions from a business software security standpoint.

It is not uncommon to find SAP users who have more than one functional role and whose security needs are more complex than the traditional single-role user. For example, a user with multiple functional roles may need to view certain HR master data for one organizational unit, but also maintain read/write access to that same data for a separate unit. Designing SAP security roles to meet the demands of these multi-functional users is not always as simple as it sounds.

Traditionally, the design of SAP security roles has closely mirrored functional job duties for many customers. In a role-based design, the transactions, authorization levels, and organizational restrictions built into security objects reflect the day-to-day job duties of the person holding the role. This is true whether the overall security concept includes only general roles or also includes structural security profiles. For some, the addition of structural security to limit a user’s view of the organizational structure provides a level of detail in their security that is required to fully use R/3’s growing functionality.

A.J. Whalen

A.J. Whalen has successfully combined more than two decades of global business expertise with in-depth experience in the strategic development, management, and delivery of large-scale projects and education for SAP ERP HCM. Prior to his current role as SAP Marketing Director at Velocity Technology Solutions, he served as lead consultant for several global SAP implementations and engagements as well as an SAP Conference Producer for Wellesley Information Services. A.J. has been invited to speak at nine annual SAP educational events and holds an MBA degree from the Stern School of Business at New York University.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.