SAP authorization concept for S/4HANA
Prepare your authorization concept for S/4HANA
What happens with the authorization concept after S/4HANA migration? The S/4HANA migration also affects companies’ SAP authorization concepts. These must be adapted or even newly created. Concerns about data loss and operational failures are shared by those responsible. We start exactly where things get complicated and uncertain. We support you so that your SAP authorization concept fits with S/4HANA.
SAP authorization concept for S/4HANA
What does S/4HANA mean for your authorization concept?
The upgrade to SAP S/4HANA is a new product, not an extension of the original ERP software. In SAP S/4HANA, transactions are partially deleted or replaced by new transactions and SAP Fiori apps. SAP has made this available in a “Simplification List” comprising over 1000 pages for each application or functional area. The conversion to the new transactions also requires significant changes in your roles and the associated authorization objects.
This means that the existing authorization concept must be optimized or proportionally redesigned. The changes resulting from the introduction of S/4HANA not only require a great deal of time but can also lead to significant gaps in your authorizations, which are difficult to close without professional support.
The S/4HANA Quick Check
Is your SAP authorization concept compatible with S/4HANA?
Do the S/4HANA Quick Check
With the SIVIS S/4HANA Quick Check, we determine which changes to your roles are necessary to prepare your SAP authorization concept for S/4HANA. You will receive a complete report on changes that are necessary to make your SAP authorization concept compatible with S/4HANA. We also provide you with concrete recommendations for action. There are two options – adapting the authorization concept or completely redesigning it. We analyze your existing SAP authorization concept and then recommend one of the two approaches.
Preparation for the S/4HANA migration of SAP authorizations
We prepare your SAP authorization concept for S/4HANA
Rebuilding the SAP authorization concept for S/4HANA migration (The Greenfield approach)
One possibility is to completely rebuild the SAP authorization concept. This is done using the functional specifications of the SIVIS Role Reference Manager. For this purpose, the roles to be assigned are adapted to your specifications step by step from other projects. This means that the new SAP authorization concept is based on your role-related job profiles.
Preparation of the SAP authorization concept for S/4HANA migration (The Brownfield Approach)
Adapt your existing authorization concept. For this purpose, the roles are examined and the necessary adjustments to the role design are shown in order to create the S/4HANA destination roles. An analysis based on the SAP “Simplification List” is performed. Thus, a quick adjustment of your SAP roles is possible.
S/4HANA Revision of your SAP authorization concept
SIVIS supports you individually in the revision of your SAP authorization concept
Our experience has shown that there is no template that fits for every company. Every company has different requirements and therefore different challenges. These must be understood and analyzed. A suitable procedure is then derived from this. With our process we make sure that nothing is overlooked and guarantee a smooth process.
Secure Go-Live of the S/4HANA compatible SAP authorization concept
Our approach to the S/4HANA migration of your SAP authorization concept
SIVIS supports both approaches and, with the SIVIS S/4HANA Migration Service, helps to screen authorizations for weaknesses, risks and violations. Subsequently, necessary changes are implemented based on the analysis and the new roles are optimized using the productive test simulation. These are adjusted by continuous result monitoring of the test scenarios. By using the SIVIS Suite, the effort of the migration project is better delimited and the changeover is easier to manage, so that planning security is on your side and your authorization concept also permanently meets the requirements.
SIVIS Suite modules for the S/4HANA migration of your authorization concept
SIVIS modules for the development of an authorization concept after S/4HANA migration
Up to a certain company size, SAP tools such as PFCG can be used in addition to the SIVIS Extension Manager. However, the more extensive the destination systems, company codes or user numbers are, the more the use of SIVIS manager tools is useful here, too.
SIVIS Extension Manager
The SIVIS Extension Manager supports the SAP authorization assignment by finding and assigning suitable SAP authorizations. For this it records which transactions, objects and values are actually called by individual users. From this it determines which authorizations are necessary for which roles and delivers a hit list with suitable default values. The subsequent implementation takes place without manual effort. This saves time-consuming analysis work and speeds up the development of the new authorization concept.
SIVIS Compliance Manager
At the same time, the SIVIS Compliance Manager checks whether these are critical combinations of authorizations which must be resolved or integrated. This ensures that your new authorization concept is compliant.
The advantages of SIVIS products
Frequently asked questions
With the S/4HANA Quick Check. In this way you will find out quickly how your authorization concept needs to be adapted to become S/4HANA compatible. You receive a report with all necessary changes as well as concrete recommendations for actions that are individually tailored to your company.
With the introduction of SAP S/4HANA, the existing data model will be changed substantially. This also affects the roles and transactions that have to be taken into account during a migration. In practice, it does not work for an old authorization concept from SAP ECC to be transferred to S/4HANA.
SIVIS also takes over running projects and continues to help you. SIVIS cleans up your in-house development and ensures an S/4HANA compatible SAP authorization concept.