SAP Access Control Implementation: The Myths, Truths, and Tricks (Part 1)
- by Kehinde Eseyin, Senior SAP GRC Consultant, Turnkey Consulting Ltd.
- December 14, 2015
Gain an understanding of supported and unsupported functionalities in the SAP Access Control system. See how to configure the system correctly to achieve your defined business requirements.
Reading this article you will learn:
- Tips on client customizing settings comparison and risk analysis dashboard reporting
- How to configure routing rules and related workflow functionalities
- Strategies for effective management of access requests and cancellation of workflow instances
Myth often refers to certain assumptions or thoughts about the capability of a tool or product, either positive or negative, with or without an empirical basis of fact or technical explanation. A detailed explanation about the reasoning and concept behind the truth, coupled with validated tips and tricks, goes a long way toward demystifying the product. Therefore, it is important to clarify common assumptions about the SAP Access Control system that are untrue and to provide guidance on how to meet specific business requirements during an implementation project and operation of the system.
It is commonplace for users not to optimize the capabilities of a system, which happens mostly because of ignorance rather than from the absence of a business need. Acute knowledge of the strengths and weaknesses of the software product gives insight into how to map business requirements to the capability of the SAP Access Control 10.x solution.
Therefore, in this article, I discuss important customization settings, transaction codes, and standard ABAP programs that are invaluable for the administration, operation, and support of an SAP Access Control 10.x system. Setting appropriate values for configuration parameters can be challenging as a result of lack of understanding of how these configuration parameters work independently, the dependencies on other configuration parameters, or the wider customization settings. Addressing this common concern is the crux of this article.
This is the first part of a series of two articles on this subject. In this article, I cover the following topics:
- Client copy operation
- Dashboard report and browser settings
- Workflow path with no assigned stage
- User details based on multiple data sources
- Threshold for access request line items
- Deletion of access request
- Risk analysis for locked and expired users
Would you like to see this full item?