Documente Academic
Documente Profesional
Documente Cultură
Learning Objectives
Security Introduction of PFCG Types of Roles Authorization About Tutorial Getting Started
SECURITY
The purpose of security is to protect an organizations information by restricting access to those that need to know. Defense against financial failure: Measures taken as a precaution against theft, sabotage or espionage. Princeton University Do not leave security to chance as unauthorized execution can lead to fraud, collusion or other illegal activities. These risks can be mitigated through proper security controls.
Security Expectations
Protection of Data Laws (Personal information HR, Sarbanes Oxley) Agreements (Between vendors and suppliers) Policies enforceable Cost Benefit Relation Security comes at a cost Impossible to make system 100 percent secure Be Transparent Minimise obstruction of companies business processes
Types OF Security
PFCG
An SAP delivered tool that is used to develop role based security Each user would have roles that provide access to the activities that he or she needs to perform Each role contains authorizations that the user is allowed to perform For example, the Credit Manager would have a different set of access for Accounts Receivable data than a Accounts Receivable clerk. Both need access to A/R, but they perform different update tasks. These tasks are stored in roles.
Karen
Procurement
Susan
SAP AG 1999
Authorization
Authorization is the process of giving someone permission to do or have something. Authorization is the process of assigning values of the fields present in authorization objects. In SAP, access to all systems functionality is achieved through a complex array of authorizations. Authorizations are the key building blocks of SAP security.