STAUTHTRACE System trace for authorization checks
SAP Basis is characterized by a three-layer model and consists of the following layers:
To facilitate communication within IT departments, it is necessary to identify clear communication channels and contact persons and also to use uniform tools for communication. It would also be possible to designate contact points (contact points) for upstream and downstream IT departments and external service providers and suppliers.
Examples of names are: SAP Cross-Application, SAP Innovation & Technology, SAP Services & Innovation, SAP Operations & Innovation or SAP Service Provider & Business Innovator. DESCRIPTION OF OWN PERFORMANCE AND SERVICE PORTFOLIO In order to be consulted by upstream or downstream entities, it is necessary to provide a detailed and understandable description of your service portfolio. This means that it can be explicitly stated in which cases the SAP basis needs to be contacted and involved in order to make the necessary decisions and not jeopardise a project or company success. In addition to the range of tasks covered by the SAP basis, it is also necessary to specify for which tasks and topics the SAP basis is not responsible. This recommendation is to be considered as universal and applies to all IT departments in order to clearly distinguish them and document the performance of their own IT organisation. INTERNAL MARKETING DESIGN AND ESTABLISH Building on the recommendation [A3], it is recommended to design and establish an internal marketing. The aim is to provide a transparent picture of the activities carried out in terms of the company's success and which are not visible to everyone.
In practice, it is quite possible that the target specifications defined in the security concept do not match the current actual status. Therefore, especially with regard to SAP security, it must always be checked whether the necessary SAP basic settings also correspond to the minimum level. Although a manual check is possible, it is very time-consuming because the necessary regularizations have to be read, interpreted and technically implemented. The Security Architect - part of the Xiting Authorizations Management Suite (XAMS) software solution developed by Xiting - offers you the possibility to precisely examine the current status of the SAP Basis settings with the help of the integrated check mode, whereby it is also possible to check several systems via RFC, starting from a central system. The scope of the check of system settings and system security includes not only the SAP Basis settings presented here, but also other SAP Basis settings. The scope of the check mode can be extended by self-defined check IDs.
The past ten years have primarily revolutionized the infrastructure and database layer. The fascinating thing is that there have been hardly any changes to the SAP installation program SAPinst during this time.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
This means that it can be explicitly stated in which cases the SAP basis needs to be contacted and involved in order to make the necessary decisions and not jeopardise a project or company success.
The later you discover a risk, the more expensive the fix will be.