Uncategorized

Happy New Year – 2012

Let’s start by wishing all visitors to this site a very happy and prosperous new year. Hopefully everyone had a wonderful 2011 and will continue to do well in 2012. In 2012, I am planning posts on Security for Netweaver Java and Enterprise Portal, SAP SRM and SAP GRC Access Control. For most of these, the challenge is to get the appropriate screenshots to go along with the written word. Let’s see how much of them get completed this year.

10 thoughts on “Happy New Year – 2012

  • Hi Anina
    wish you a happy new year and
    thank you sooooo much for your 2012 plan.

    Reply
  • Gaurav Shrivastava

    Happy New Year Aninda.

    May this year you come up with more on SAp Security.
    Really i have become your fan and keep on waiting for your new posts.
    Thanks for making it easy to learn SAP Security.

    Regards
    Gaurav

    Reply
  • Felicia

    Hi Aninda,

    Your blogs have been most helpful to me. I have always struggled with understanding HR Security and implementing HR security the proper way. I know have more knowledge than I had before.

    However, I am still fuzzy on structural authorizations such as best practices for creating pd profiles (i.e. creating them by org unit, position, or job). What have you seen?

    Lastly, do you have any documentation on HR SoD’s?

    Reply
    • Hi Felicia,

      Glad to know that my blog is helping you better grasp the fundamentals or HR Security!

      The one best practice on structural authorizations that I always follow is to limit their use to the minimum. Thus if you do not have any concrete requirements to secure HR OM objects by structure, don’t use PD profiles for these users. The reason why I emphasize this is because of the substantial complexity in evaluation and troubleshooting of structural authorizations. If you indeed limit the use of PD profiles to the minimum, you will find that you end up creating lower number of PD profiles and the security requirements around them will themselves dictate what needs to be created. For example, the most common case is of a manager being restricted to his org unit. Here we would use a PD profile starting with the manager’s org unit and using a evaluation path to traverse the subordinate orgs, positions and persons.

      Also check if you can use evaluation and/ or the dynamic determination of the start object in the PD profiles. Both of these features will reduce future maintenance.

      Finally, talk to the OM consultant working with you. Structural Authorizations are directly linked with the org mgmt in functional HR. They can give you a broader perspective at what evaluation paths are available and what possibilities can be realised using OM.

      By far, structural authorizations is the most difficult concept that I have come across in security. So don’t be in a hurry to master it. As you come across more scenarios you will get more comfortable with using its different features.

      Regards,
      Aninda

      Reply
  • Sachin

    Wish you a happy new year and thank you for CRM Security & what is your planning for SAPGRC.

    Best Regards,

    Sachin

    Reply
  • Sachin

    Hi Aninda,

    Can you please provide book related to SAP GRC Process Control.

    Thankx in advance.

    Best Regards,

    Sachin

    Reply
  • santosh

    Hi Aninda,

    It would be great if you can shed some light on SAP SCM 7.0 security concepts.

    Any help is greatly appreciated!

    Thank You Very Much In Advance!

    Santosh

    Reply
    • Aninda

      Hi Santosh,

      Sorry, I don’t have enough exposure to SAP SCM to write any sort of article on it. However, whenever I get a chance to work on it, I will try to share what I pick up.

      Regards,
      Aninda

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *