How to Combat Performance Bottlenecks in Structural Authorization Checks

  • by Kehinde Eseyin, Senior SAP GRC Consultant, Turnkey Consulting Ltd.
  • May 21, 2010
Learn best practices to enhance and optimize the process of structural authorization checks, such as using evaluation paths, creating indexes, and buffering large numbers of structural authorization check objects in the SAP memory via standard SAP reports.
Key Concept
Structural authorization is an authorization concept used to restrict and control access to data stored in time-based structures such as organizational structures, business event hierarchies (training and events management), and qualification catalogs (personnel development) via structural authorization profile assignment or provisioning.

The responsibility of defining structural authorization in a company is challenging for authorization or security administrators who are saddled with the task of enforcing security and control in the SAP ERP HCM system. It is even more challenging when they must manage the possible performance problem of slow response time that arises during structural authorization checks. Although authorization helps to safeguard business data via controlled user access, it has associated performance implications. You need to strike a balance between adequate security provisioning and optimal system performance.

Kehinde Eseyin

Kehinde Eseyin is a senior SAP security and GRC consultant with Turnkey Consulting (UK) Limited. He has more than eight years of SAP authorizations, GRC, and Basis experience. In the past, he has managed teams to coordinate security, GRC, and Basis administration activities within a multinational environment and operated as an independent consultant, performing SAP system audits and SAP GRC Access Control implementations. He holds a bachelor’s degree in computer science. He has different certifications, including SAP Access Control 10.0 Consultant; SAP Technical Consultant (SAP NetWeaver on Oracle); SAP Solution Manager Operations Consultant; SAP Support Engineer – SAP Solutions Manager; SAP Business One Consultant; Oracle Database Administration Professional (OCP DBA); ITIL v3; and PRINCE2. He is the co-author of SAP BusinessObjects Access Control 10.0 Application Associate Certification [Review Questions and Answers].

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.