Business doesn't like chaos and hates uncertainty Roles, permissions and authorizations in SAP is a river topic that we have covered several times. We've written about the dangers that arise from a lack of conceptualization of authorizations, poorly managed authorization procs and the associated risks to the organization. Today, in

It is worth noting that in the case of reorganization of authorizations, it is also possible to apply the so-called "creeping project", that is, we fix and seal the system step by step. This is a good option when we have few human resources, time and money for a big reorganization project.

SAL will ensure the security of the system only if it is properly configured (SM19/RSAU_CONFIG) AND looked after (SM20/RSAU_READ_LOG), and if access to it is strictly limited and controlled. Both the Basis department and security key users (auditors) have something to say at the configuration.

What are SAP notes? Generalizing, we can say that they are small updates to the software - they contain corrections to the code, include a description of the problem, etc. Their second role is support, which does not contain corrections/updates but documents a specific problem, often in broad terms.

How do you prepare for it with SAST and what benefits does it bring to the organization? Any thought on increasing security in an organization that takes the form of a plan or at least a discussion is worthy of consideration.

SAST's Super User Management module offers a feature that allows users to work without SAP_ALL or other critical authorizations on the production system.