Happy New Year – 2012
Let’s start by wishing all visitors to this site a very happy and prosperous new year. Hopefully everyone had a wonderful 2011 and will continue to do well in 2012. In 2012, I am planning posts on Security for Netweaver Java and Enterprise Portal, SAP SRM and SAP GRC Access Control. For most of these, the challenge is to get the appropriate screenshots to go along with the written word. Let’s see how much of them get completed this year.
Hi Anina
wish you a happy new year and
thank you sooooo much for your 2012 plan.
Happy New Year Aninda.
May this year you come up with more on SAp Security.
Really i have become your fan and keep on waiting for your new posts.
Thanks for making it easy to learn SAP Security.
Regards
Gaurav
Hi Aninda,
Your blogs have been most helpful to me. I have always struggled with understanding HR Security and implementing HR security the proper way. I know have more knowledge than I had before.
However, I am still fuzzy on structural authorizations such as best practices for creating pd profiles (i.e. creating them by org unit, position, or job). What have you seen?
Lastly, do you have any documentation on HR SoD’s?
Hi Felicia,
Glad to know that my blog is helping you better grasp the fundamentals or HR Security!
The one best practice on structural authorizations that I always follow is to limit their use to the minimum. Thus if you do not have any concrete requirements to secure HR OM objects by structure, don’t use PD profiles for these users. The reason why I emphasize this is because of the substantial complexity in evaluation and troubleshooting of structural authorizations. If you indeed limit the use of PD profiles to the minimum, you will find that you end up creating lower number of PD profiles and the security requirements around them will themselves dictate what needs to be created. For example, the most common case is of a manager being restricted to his org unit. Here we would use a PD profile starting with the manager’s org unit and using a evaluation path to traverse the subordinate orgs, positions and persons.
Also check if you can use evaluation and/ or the dynamic determination of the start object in the PD profiles. Both of these features will reduce future maintenance.
Finally, talk to the OM consultant working with you. Structural Authorizations are directly linked with the org mgmt in functional HR. They can give you a broader perspective at what evaluation paths are available and what possibilities can be realised using OM.
By far, structural authorizations is the most difficult concept that I have come across in security. So don’t be in a hurry to master it. As you come across more scenarios you will get more comfortable with using its different features.
Regards,
Aninda
Wish you a happy new year and thank you for CRM Security & what is your planning for SAPGRC.
Best Regards,
Sachin
Hi Aninda,
Can you please provide book related to SAP GRC Process Control.
Thankx in advance.
Best Regards,
Sachin
Thank You
Hi Aninda,
It would be great if you can shed some light on SAP SCM 7.0 security concepts.
Any help is greatly appreciated!
Thank You Very Much In Advance!
Santosh
Hi Santosh,
Sorry, I don’t have enough exposure to SAP SCM to write any sort of article on it. However, whenever I get a chance to work on it, I will try to share what I pick up.
Regards,
Aninda
Great Job!