ST01 System trace
The application or application layer
All the roles that contain the string "ADM" are considered critical, as they usually refer to administrative roles. When identifying critical SAP permissions, profiles and roles, it should be noted that SAP does propose a concept for names, but this is not always taken into account by applications or its own developments.
From a purely technical point of view, each generated authorization role contains a profile from which a user receives the actual authorization objects and authorization characteristics. If this profile is outdated or not assigned at all, the user will not have all the authorization objects contained in the authorization role. Incidentally, the problem arises particularly frequently after role transports: If an authorization role is changed in the development system and then transported to the production system, the current profile is not automatically assigned to the users with the respective role. A user comparison must therefore be performed here.
Connect and configure printers and other peripheral devices
The comprehensive analysis provides the pattern and roadmap for the next steps. This also includes the right sizing, the selection of the monitoring concept and the appropriate deployment model, i.e. on-premise, cloud or hybrid cloud. Only with this planning can you ultimately achieve the desired goal - with transparent costs.
If you look at everything I've described up front in its entirety, it quickly becomes clear which direction things are headed: the SAP basis will increasingly move toward an SRE-centric environment over the next decade. This is what the future of SAP looks like, and I look forward to an exciting journey.
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
There are several points to consider.
It thus forms the interface to the users (GUI).