Authorizations in SAP ERP HCM
Description
Who has access or permission to retrieve or change your sensitive HR data? This is a critical question for every company to consider, and this book describes how you can create and implement an appropriate authorization strategy for the specific processes in your own company, using SAP ERP HCM. You'll find answers to all of your questions, from explaining what the differences and areas of usage are in the general, structural, and context-sensitive authorization checks, to the specific challenges involved in using performance management functions. In addition, you'll learn about typical problem areas and find out how to resolve them. The book contains many useful tips that support you in implementing the authorization system whether it's for the first time or in your daily work. If you are currently facing the problem of having to manage an insurmountable number of roles that require a lot of maintenance work, this book provides useful ideas for redesigning your system and describes methods to reduce the total number of roles.
Topic Highlights:
- Process-Oriented Authorization Concept, Role Definition
- General Authorization Checks with Time Logic and Check Method (IT 130)
- Structural Authorization Checks with Time Logic
- Context-Sensitive Authorization Checks
- Extensions to Authorization Checks
- Authorization Roles in SAP HCM Components
- Implementing an Authorization Concept
- Reports for the Authorization System
- Authorizations in Programming
- Troubleshooting
- Specific Problem Areas and Suggested Solutions
More details
Persons
Content
... 1.1 ... Requirements for Authorization Concepts ... 22
... 1.2 ... Process Analysis ... 26
... 1.3 ... Role Definition ... 34
... 1.4 ... Naming Conventions ... 35
... 1.5 ... Critical Success Factors ... 38
2 General Authorization Check ... 41
... 2.1 ... Elements ... 41
... 2.2 ... Role Maintenance ... 43
... 2.3 ... Authorization Objects ... 60
... 2.4 ... Required System Authorizations ... 77
... 2.5 ... Customizing the Profile Generator ... 88
... 2.6 ... Period of Responsibility and Time Logic ... 94
... 2.7 ... Test Procedures (Infotype 0130) ... 99
... 2.8 ... Extensions ... 104
... 2.9 ... Critical Success Factors ... 113
3 Structural Authorization Check ... 115
... 3.1 ... Structural Authorization Check in Organizational
Management ... 116
... 3.2 ... Maintaining the Structural Profi les ... 118
... 3.3 ... Function Modules ... 121
... 3.4 ... Transfer to Other Structures in SAP ERP HCM ... 123
... 3.5 ... Use in Personnel Administration ... 125
... 3.6 ... Assigning Structural Profi les to Users ... 126
... 3.7 ... Period of Responsibility and Time Logic ... 128
... 3.8 ... How the Structural Authorization Check Handles
Nonintegrated Persons ... 133
... 3.9 ... Performance Optimization ... 134
... 3.10 ... Extensions ... 137
... 3.11 ... Critical Success Factors ... 140
4 Context-Dependent Authorization Check ... 141
... 4.1 ... Functionality ... 141
... 4.2 ... Setup and Maintenance ... 145
... 4.3 ... Other Context-Dependent Authorization Objects ... 148
... 4.4 ... Critical Success Factors ... 149
5 Authorization Roles in SAP HCM Components ... 151
... 5.1 ... Payroll and Subsequent Activities ... 152
... 5.2 ... Appraisal System ... 158
... 5.3 ... Position Budgeting and Control ... 160
... 5.4 ... Cross Application Time Sheet (CATS) ... 163
... 5.5 ... E-Recruiting ... 166
... 5.6 ... SAP Expert Finder ... 176
... 5.7 ... HR Administrative Services ... 178
... 5.8 ... Management of Global Employees ... 180
... 5.9 ... Manager's Desktop ... 181
... 5.10 ... Organizational Management (OM) ... 182
... 5.11 ... Performance Management ... 184
... 5.12 ... Personnel Administration and Time Management ... 190
... 5.13 ... Recruitment (Classic) ... 194
... 5.14 ... Shift Planning ... 198
... 5.15 ... Personnel Development ... 201
... 5.16 ... Human Resources Information System/Reporting ... 207
... 5.17 ... Personnel Cost Planning ... 211
... 5.18 ... Self Services ... 212
... 5.19 ... Travel Management ... 215
... 5.20 ... Training and Event Management/SAP Learning
Solution ... 218
... 5.21 ... Summary ... 224
6 Implementing an Authorization Concept ... 225
... 6.1 ... Preparations in the System ... 226
... 6.2 ... Creating and Testing Roles ... 237
... 6.3 ... Transport ... 238
... 6.4 ... Documentation and Redesigning ... 241
... 6.5 ... Critical Success Factors ... 243
7 Reports for the Authorization System ... 245
... 7.1 ... Analysis of Users with Critical Authorizations ... 246
... 7.2 ... Overview of the Most Vital Authorizations of a User ... 250
... 7.3 ... Overview of all Authorization Objects of a User ... 251
... 7.4 ... Roles by Complex Selection Criteria ... 253
... 7.5 ... Assignment of Single Roles to Composite Roles ... 256
... 7.6 ... Additional Reports ... 257
... 7.7 ... Critical Success Factors ... 258
8 Authorizations in Programming ... 259
... 8.1 ... Authorizations in Reports Without Logical
Databases ... 259
... 8.2 ... How the Logical Databases Handle Missing
Authorizations ... 266
... 8.3 ... Enterprise-Specific Database with Own Authorization
Check ... 267
... 8.4 ... Authorizations for Programmers ... 269
... 8.5 ... Downloading from Reports ... 270
... 8.6 ... Critical Success Factors ... 272
9 Troubleshooting ... 275
... 9.1 ... Troubleshooting in General Authorizations ... 275
... 9.2 ... Troubleshooting in Structural Authorizations ... 282
... 9.3 ... Troubleshooting in Context-Dependent
Authorizations ... 284
... 9.4 ... Summary and Critical Success Factors ... 285
10 Selected Problem Areas and Their Solutions ... 287
... 10.1 ... Authorizations from Organizational Management
(Schaeffler KG) ... 287
... 10.2 ... Starting Reports via Customer Programs
(ThyssenKrupp Steel AG ... 292
... 10.3 ... Minimizing the Number of Roles and Decentralized
Assignment (B. Braun) ... 295
... 10.4 ... Hiding Specific Fields in Infotypes ... 300
... 10.5 ... Supporting the Workflow with the Double-Verification
Principle ... 302
... 10.6 ... Authorization-Relevant Switches in Queries ... 304
... 10.7 ... Transaction Variants ... 306
... 10.8 ... Summary ... 312
Appendices ... 575
... A ... Transactions for Authorization Management ... 315
... B ... Authorization Objects of the SAP HCM System ... 317
... C ... Authorization Switches ... 319
... D ... Business Add-Ins ... 321
... E ... Glossary ... 323
... F ... Recommended Reading ... 327
... G ... The Authors ... 329