Enhance User Access Risk Reporting in SAP Access Control 10.1 with User Master Data Attributes

  • by Kehinde Eseyin, Security Architect
  • March 12, 2014
Learn how to enhance user risk analysis and user risk simulation analysis by leveraging a custom user group based on user master data (transaction code SU01) attributes. You will also learn how to improvise with custom variants (based on SU01 attributes) when defined custom user groups are not available for your business case or you need to bring in more flexibility to user risk reporting.
Learning Objectives

After reading this article you will learn:

  • How to create and maintain custom user groups based on SU01 attributes
  • Which authorizations objects are relevant for custom user group maintenance
  • How to build custom variants (based on SU01 attributes) for efficient and simplified user risk analysis (and simulation)
Key Concept

Custom user group and custom variants are a collection of functionalities that allows you to group users based on specific SU01 attributes to drive efficient user risk analysis reporting. Transaction code SU01 is used to create users and allows for the definition of specific attributes against a user master record. The defined attributes can subsequently be used in setting up custom user groups and custom variants to drive ad-hoc risk analysis and simulation at the user level.

One of the new capabilities in SAP Access Control 10.1 is the enhancement of how a custom user group works. I provide a concise description of the custom user group functionality and how to harness this capability for efficient and optimized user risk analysis and simulation. 

Kehinde Eseyin

Kehinde Eseyin is a security architect. He holds a bachelor’s degree in computer science. He has about 12 years of IT security, governance framework, IS risk, and compliance experience gained by working in numerous global organizations. Over the years, he has demonstrated competencies in security design, information assurance, cyber security, data privacy, threat and vulnerability management, penetration testing, business architecture, project management, IT audit, IS controls framework, and identity and access management.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.