Object S_BTCH_ADM (batch administration authorization)
Checking at Program Level with AUTHORITY-CHECK
Suitable for this responsible task are, for example, department heads or SAP key users who are familiar with all data access options (cross-module, via report, directly to the raw table, etc.) as well as with the organizational and technical protection measures. By signing the data ownership concept, the responsibility should be acknowledged and taken as seriously and bindingly as, for example, the signature under the purchase contract of a house.
SAP authorizations are a security-critical and thus an immensely important topic in companies. They are used not only to control the access options of users in the SAP system, but also the external and internal security of company data depends directly on the authorizations set.
Unclear objectives and lack of definition of own security standards
This only takes into account the applications that are maintained in the role menus of the selected PFCG roles. If you have set the check for Only applications with changed SU22 data, only applications where the suggestion values have been changed by an import, e.g. by Support Packages or Enhancement Packages, will be used. Take the step to take the data from the SU22 transaction by selecting your applications. You will now get a list of applications that you need to match. Select the rows that the applications to match. The buttons in the menubar help you to adjust.
Even the best authorization tools cannot compensate for structural and strategic imbalances. Even a lack of know-how about SAP authorizations cannot be compensated for cost-effectively by means of tools.
Authorizations can also be assigned via "Shortcut for SAP systems".
To do this, enter a user who will call the application you want to record, and then click Turn on Trace.
This function can be disabled by customising.