SAP authorizations in SAP S/4HANA

Learn about the options for bringing your authorizations to SAP S/4HANA, and how we can help you find the best way to do it

10 tips for your authorization management in SAP S/4HANA (in German)

IBsolution_S4HANA

Transferring authorizations to SAP S/4HANA

IBsolution_Herausforderungen_Challenges

Finding the individual best way for your company

Low_Risk_IBsolution

Developing appropriate permissions

 

Frequent questions

  • What happens to transactions that are no longer available?

  • How do I go about revising my roles?

  • Why is the use of the profile generator recommended?

  • How do I integrate new Fiori apps into my authorization concept?

  • What options do I have when transferring roles?

The right way to the goal

SAP authorizations are usually created and maintained over years or even decades with great effort. The simplification of processes in SAP S/4HANA leads to the loss of frequently used transactions, which are replaced by new Fiori apps. In addition, depending on the use of the profile generator (SU25) and the authorization default values of SU24, a greater or lesser amount of rework is required. IT managers rightly ask themselves whether and how they can efficiently transfer authorizations to SAP S/4HANA. 

Whether redesign, partial redesign or migration – we will find the optimal way to bring your authorizations into the new SAP S/4HANA system.

Together with you, we analyze your existing authorization structure and related concepts. In doing so, we check how roles have been developed so far and whether the SAP standard has been taken into account. In addition, we identify which processes are affected by the changes and whether new features are introduced. Adding new Fiori apps complements the removal of obsolete transactions and takes you to a new level of user experience.

Power_Workshop_for_SAP_Authorizations_1000x667px_web

Power Workshop for SAP Authorizations

In our Power Workshop for SAP Authorizations, we review your existing authorization concept together with you to determine whether it covers current requirements. A key focus is on the aspect of future viability, which we realize through maintainability, efficient functionality and maximum security. Whether your authorizations need a redesign or just a revision and what your path to SAP S/4HANA will look like, we work out on the basis of your individual prerequisites and requirements.

Click here for the Power Workshop for SAP Authorizations

Many companies ask themselves how they can transfer their authorizations to SAP S/4HANA. With our best-practice experience and comprehensive know-how, we support you on your way to a modern and sustainable authorization concept in the new SAP system.

 

Your personal path to new authorizations in SAP S/4HANA

Which path is the right one to transfer your authorizations to SAP S/4HANA depends on your individual requirements. 
IBsolution_Industry_specific_solution

Redesign

  • Definition of new roles on a job basis in the standard

  • Analysis of used applications

  • Predominant use of Fiori apps

  • Consideration and maintenance of authorization default values (SU24)

IBsolution_preparation

Redesign (Migration) light

  • Transfer of existing roles to the standard

  • Consideration and maintenance of authorization default values (SU24)

  • Consideration of the Simplification List during SAP S/4HANA implementation

  • Extension with Fiori apps

  • If necessary, adjustments due to process changes

IBsolution_Consolidation

Migration

  • Observance of the Simplification List

  • Extension with Fiori apps

  • If necessary, adjustments due to process changes

 

Together we design suitable authorizations

Whether redesigning authorizations when migrating to SAP S4/HANA or cleaning up existing authorizations in legacy systems − an efficient authorization and role concept is the basis for secure and functional operation of your SAP systems..

Together with you, we design appropriate authorizations for your systems and processes. In workshops with your departments, we create the right concepts to assign the necessary rights to your employees. The goal here is to define so-called job roles, which represent job profiles at the job level.

With these methods we do not only support you during the implementation. Afterwards, you will also be able to maintain and manage the solutions independently. Or you can place the operation in our hands trustfully: We call this Customer Success.

We take care of your challenges in the areas of:

  • Authorization design for SAP S/4HANA

  • Creation/revision of authorizations and roles

  • Introduction of the profile generator and authorization default values

  • Transfer of roles to SAP S/4HANA

Click here for the Power Workshop for SAP Authorizations

Your contact person

Marius_Carl_neu_400x400px

Marius Carl

marius.carl@ibsolution.com

+49 7131 2711-3000

Further information on authorizations in SAP S/4HANA

Challenges with authorizations in SAP S/4HANA | IBsolution
Blog

Why authorizations in SAP S/4HANA can cause problems

The migration to SAP S/4HANA brings with it certain challenges in terms of roles and authorizations. We provide an overview of why authorization management is so fundamental when moving to SAP S/4HANA and how you can overcome these challenges.
Read more
Tips for authorization management in SAP S/4HANA | IBsolution
How to realize tailor-made authorizations

10 tips for flawless authorization management in SAP S/4HANA

The SAP S/4HANA migration makes it necessary to adapt the existing authorization concept or create a new one. Our 10 tips will enable you to master the associated challenges and ensure the smooth operation of SAP S/4HANA.
Download for free (in German)
Authorizations in SAP S/4HANA | IBsolution
Blog

What changes in authorizations with SAP S/4HANA

SAP S/4HANA brings with it various new processes and technologies that did not previously exist in this way in SAP ERP. In addition, there are also differences in the authorization concepts between SAP S/4HANA and previous ERP versions from SAP that must be taken into account to ensure smooth user access.
Read more
Authorization default values and profile generator | IBsolution
Transactions SU24 and SU25

Default values and profile generator for SAP authorizations

SAP authorizations are often developed without the adjusted default values of transaction SU24. As a result, the profile generator (SU25) cannot develop its full potential. The biggest advantage of the authorization default values with regard to SAP S4/HANA is the reduced effort required for reworking the authorizations of the roles.
Learn more
SAP Authorization Management | IBsolution
Controlling user access

SAP Authorization Management

Authorizations in SAP systems form the basis for Identity & Access Management. They enable users to access the applications they need to perform their activities. Since functional and organizational requirements are subject to change, SAP authorizations must be regularly checked and reworked.
Learn more
Redesign of SAP authorizations | IBsolution
Modern and efficient authorization concepts

Redesign of SAP authorizations

We examine your existing authorization concept and analyze possible areas for action. Depending on the results and the state of your authorization structure, we develop an individual roadmap to transform your roles into a modern and sustainable authorization concept.
Learn more
Challenges with SAP authorizations | IBsolution
Which scenario applies to you?

Why SAP authorizations can pose challenges for you

An efficient authorization and role concept forms the basis for the secure and smooth operation of SAP systems. There are currently three main scenarios that affect the authorization structure of companies and require a review: the SAP S/4HANA migration, the use of SAP Fiori interfaces and general problems with authorizations.
Learn more
Avoid conflicts in authorizations | IBsolution
Blog

How to avoid conflicts and risks in authorizations

SAP Access Control and SAP Cloud Identity Access Governance (IAG) address the management of users and authorizations in compliance with rules and with as little risk as possible. While SAP Access Control is an on-premise solution, SAP IAG is available as a cloud service on SAP Business Technology Platform.

Read more
SECMENDO.audit | IBsolution
Adjustments to the authorizations

SECMENDO.audit

The architecture and database structure of SAP S/4HANA also affect authorization management. Working with Fiori apps requires changes to roles and the associated authorization objects. In the first step, an authorization check provides information about where exactly your company needs to start in this regard.

Learn more

You want to learn more about how to develop suitable role concepts and bring your authorizations to SAP S/4HANA?

For more information, simply complete and submit the form. We are looking forward to your request.

Discover more components of our SAP Security portfolio

Identity Lifecycle Management | IBsolution

Identity Lifecycle Management

Identity lifecycle management is part of enterprise security and describes all processes for assigning roles and authorizations − from when an employee joins the company, through changing responsibilities or even changing department, to when he or she leaves.

Learn more
SAP Identity & Access Management | IBsolution

SAP Identity & Access Management

Identity & Access Management solutions, individually or in combination, enable efficient and compliant operation of target systems. This includes the detection and minimization of risks as well as the process-based provisioning and removal of users and accesses.

Learn more
SECMENDO product suite | IBsolution

SECMENDO product suite

The tools of the SECMENDO product suite extend the capabilities of existing SAP Identity & Access Management (IAM) solutions. The goals are an improved user experience, enhanced functionality and more efficient processes.

Learn more

A selection of our customers