Support for the design and implementation of an authorization concept in an international SAP R/3 introduction project.
SAP R/3 is introduced in a subsidiary in Latin America on the basis of a template; this affects almost every module (FI, CO, PS, IM, SD, MM, LE, PP, QM). At the same time as the functional design, an authorization concept is implemented.
The roles are defined at the transaction level. Single roles are grouped together into job roles for specialist tasks and these are assigned to users. A detailed concept is also used in the Basis area, based on organizational criteria. One reason for this is to protect the customizing settings for the template. CUA (centralized user administration) in R/3 is used to assign rights in the complex infrastructure. The assignment of rights is checked using the VIRSA tool, which helps monitor the SoD (segregation of duties) and mitigation. In the financial area, checks are also carried out to ensure compliance with the provisions of the Sarbanes-Oxley Act (SOX).