RS_ABAP_SOURCE_SCAN
Get an overview of the organisations and their dependencies maintained in the system
In the event that such conflicts nevertheless arise, regular checks should be established as part of an internal control system. Furthermore, the authorization concept includes content such as the integration of the data owner, security-relevant system settings, specifications for maintaining authorization default values (transaction SU24) and documentation requirements.
If your users are allowed to share their own background jobs, you need the JOBACTION = RELE permission to the S_BTCH_JOB object. In this case, you can start all jobs at the desired time. In many cases, background jobs are used for the professional or technical operation of applications; Therefore, we recommend that you schedule these background jobs under a System-Type technical user (see also Tip 6, "Note the impact of user types on password rules"). The advantage of this is that the permissions can be controlled more accurately and you do not run the risk of a job being lost if the user under whom it was scheduled to leave your company once. You can realise the association with a system user by giving the user who plans the job permission for the S_BTCH_NAM object. In the BTCUNAME field, the name of the step user, i.e. the user under whom the job should run, such as MUSTERMANN, is entered.
Custom requirements
You can influence the default behaviour of various transactions and parameters with the customising switches for the maintenance of Session Manager and Profile Generator as well as the user and permission management. The SSM_CID table gives you an overview of all customising switches supplied by SAP, specifying the relevant tables SSM_CUST, SSM_COL, PRGN_CUST and USR_CUST. The short description of the customising switch refers to the relevant and current SAP references. The actual settings can be found in the SSM_CUST, PRGN_CUST and USR_CUST tables.
SAP authorizations are not exclusively an operational issue - they are also essential for risk management and compliance and represent one of the key audit topics for internal auditing and auditors. In most cases, the different rules according to which the risks of SAP authorizations are assessed are problematic.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
Various test tools, such as the Code Inspector or the SAP Code Vulnerability Analyser, can be integrated into this.
Unlike the authorization trace, a system trace is mainly designed for short periods of time.