What is the structure of SAP Basis?
SE24 Class Builder
The role of the SME describes an expert in a particular field, such as SME databases or SME-SAP-HANA, in the context of SAP products and is gaining in importance due to new technologies and thematic areas. The role of the SME thus corresponds to an expert role in the technology environment. It has a good network within the IT departments and, if necessary, to other business units within the company. In order to carry out its activities, it is necessary to have already acquired practical experience in the operation of its thematic focus. Expert tools are also used to fulfil his task. Through the exact definition of disciplines, the SME assumes the informally many tasks of the traditional SAP basis administrator and also new disciplines in the course of new technologies. In addition to the existing features, there will be in the future such as SME-Cloud, SME-SAP-HANA/Databases, SME-Supplier-Management, SME-Security, SME-Compliance, SME-Landscape-Virtualisation-Management (SME-Landscape-Virtualisation-Management) and SMESolution-Manager. SME-Cloud is in contact with the global cloud manager (if it exists in the company). In addition, an expression SME-Security is in contact or reported to the global corporate security sector. An expression SME-Supplier-Relationship-Management or Supplier-Management is orientated both internally (coordination with other departments) and externally (coordination and communication with suppliers). The SME cloud is a special feature of SME Supplier Management.
Why should we even have an individual SAP Security Check performed? Your SAP authorisation concept is designed to ensure the security and protection of data against unauthorised access and abuse. The technical complexity of SAP systems and the ongoing adaptations of business processes often lead to unknown security vulnerabilities. In addition, the increasing digital networking with business partners offers further attack points on your SAP system. SAP Security Check gives you an overview of the security situation of your SAP systems. This will identify potential risks that could jeopardise the safe operation of your IT landscape. Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept. The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system. The security-related system settings and permissions settings applied to your SAPS systems are poorly documented, which in many cases causes the system settings to allow extensive critical access unchecked. Critical SAP permissions, profiles, and roles identify permissions that allow critical operations to be performed in terms of security or from a legal or business perspective are called "critical permissions" by SAP. The granting of critical allowances must therefore generally be carried out with particular care and should therefore be planned in advance. Technical and organisational measures and processes must then ensure that the desired level of safety is implemented.
Creating a basis for the SAP landscape
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
This step is of fundamental importance for the SAP basis. It concerns both the inward-looking perception described in the marketing & self-understanding recommendation and the outward-looking perception in the form of a mission and vision.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
In general, SAP operations and all associated activities need to be further professionalised.
A transport order can contain multiple tasks.