SAP security is often ignored almost completely during a migration.
Why is an S/4HANA migration impossible without also redesigning your authorizations?
- SAP S/4HANA is an entirely new software solution, not an extension of SAP ERP.
- Familiar transaction codes have been eliminated as a result of change process flows, have different content, or have been replaced by new transactions or Fiori apps.
- The many new and announced Fiori apps have to be incorporated in the roles and SoD checking rules or deleted completely. The SAP Fiori App Library and Simplification Lists represent the foundation for this. At the same time, these information sources are very large and the time required to match needs is lengthy.
With the SAST SUITE, the technical migration of your authorizations to SAP S/4HANA is standardized. The solution is also capable of automated preparations, relieving you of a large part of the conversion work. Our experienced consultants will also look after your individual requirements and ensure a targeted, successful conversion of your authorizations.
We offer a variety of approaches to a successful SAP S/4HANA migration:
Brownfield approach: Transformation of existing roles from your legacy system
- Compares your roles with the impact associated with SAP S/4HANA migration
- Addition of Fiori apps (optionally in new front roles or existing roles)
- Deactivation of obsolete transactions
- Selective deactivation of unused transactions
- Comparison with your current authorization proposal values (SU24)
- Smooth go-live with SAST Safe Go-Live Management
Greenfield approach: Redesign your SAP authorizations based on changed processes
- Create a process-role model based on our best practice approach in combination with the authorization trace in the SAST SUITE
- Take your SoD rule set into account in the changed SAP S/4HANA business processes
- Tailor-made redesign through use of the SAST SUITE
- Support for audit-compliant design with our best-practice templates
- Testing support and smooth go-live with SAST Safe Go-Live Management
Selective data approach: Redesign your SAP authorizations based on current processes
- Analysis of transactions used in the legacy system as the basis for the new concept
- Develop a new, custom-tailored, workplace-specific reference model with support by the SAST SUITE
- Take the changed SAP S/4HANA business processes into account in your new roles and SoD rule sets
- Support for audit-compliant design with our best-practice role templates
- Smooth go-live with SAST Safe Go-Live Management
When designing your SAP S/4HANA authorization concept, the quality of your current roles and your internal objectives are the deciding factors for determining whether the brownfield, greenfield, or selective data approach is right for you. Talk to us about using a pilot authorization study to make your decision.
One advantage from your migration project with us: the SAST Safe Go-Live approach. This is how we ensure that the authorization structures behind the Fiori apps are transparent for your S/4HANA system, which intertwines both the SAP Fiori front end and the SAP back end server. When you execute the report, you gain a detailed record of user activities and a code analysis.
Your advantages at a glance:
- We analyze your existing processes, roles, and authorizations with our SAST SUITE, checking for reusability, critical authorizations, and SoD risks
- Full transparency of functions you use through the comprehensive analysis functions in the SAST SUITE
- Concept proposal for transforming your current authorizations and/or creating new, tailor-made SAP S/4HANA roles
- Update your SU24 values on SAP S/4HANA
- Configure your SAP Fiori authorizations
- Automated role generation with SAST Role Management
- Smooth go-live
Our SAP Security Consultants help you identify and eliminate any security vulnerabilities on the application server, your operation system, and your databases.