profile generator
TRANSCRIPT
-
8/3/2019 Profile Generator
1/11
Profile Generator
-
8/3/2019 Profile Generator
2/11
Learning Objectives
Security
Introduction of PFCG
Types of Roles
Authorization
About Tutorial
Getting Started
-
8/3/2019 Profile Generator
3/11
SECURITY
The purpose of security is to protect an organizationsinformation by restricting access to those that need to
know.
Defense against financial failure: Measures taken as a
precaution against theft, sabotage or espionage.PrincetonUniversity
Do not leave security to chance as unauthorized execution
can lead to fraud, collusion or other illegal activities.
These risks can be mitigated through proper securitycontrols.
-
8/3/2019 Profile Generator
4/11
Why To Have Security?
Reasons
Cooperate espionage
Sabotage Disgruntled employees
Hackers
Fraudulent activities (remove temptation)
-
8/3/2019 Profile Generator
5/11
Security Expectations
Protection of Data
Laws (Personal information HR, Sarbanes Oxley)
Agreements (Between vendors and suppliers)
Policies enforceable Cost Benefit Relation
Security comes at a cost
Impossible to make system 100 percent secure
Be Transparent
Minimise obstruction of companies business processes
-
8/3/2019 Profile Generator
6/11
Types OF Security
-
8/3/2019 Profile Generator
7/11
PFCG An SAP delivered tool that is used to develop role based
security
Each user would have roles that provide access to the
activities that he or she needs to perform
Each role contains authorizations that the user is allowed toperform
For example, the Credit Manager would have a different
set of access for Accounts Receivable data than a Accounts
Receivable clerk. Both need access to A/R, but theyperform different update tasks. These tasks are stored in
roles.
-
8/3/2019 Profile Generator
8/11
User, Role and Authorization
SAP AG 1999
Createpurchase
requisition(ME51)
Orderpurchaserequisition
(ME58)
Releasepurchase
requisition(ME54)
Employees have roles with specific functions and need authorizations for these functionsEmployeesEmployees have rolesroles with specific functionsfunctions and need authorizationsauthorizations for these functions
Users, Roles, and Authorizations
KarenKaren
SusanSusan
JohnJohn
Procurement
Employee
Servicerepresentative
EmployeeService
representativeManager
Employee
Purchaser
Authorization to create
purchase requisitions
Authorization to releasepurchase requisitions
Authorization to createpurchase orders
-
8/3/2019 Profile Generator
9/11
Types of Roles in PFCG
ROLE: Roles define static collections of
privileges that define broad user access
rights and definitions.
There are 2 types of roles in PFCG:
1. Single role Profile
2. Composite role Profile
-
8/3/2019 Profile Generator
10/11
Types of Roles in PFCG (cont.)
Single Role Profile: Single profile is the simple set up which links the activities
within the roles to a profile.
The single profile will have access to a set of specific
systems under authorization for that user.
Composite Role Profile:
Composite profiles refer to the various employee roles
available in the corporation. A composite profile may encapsulate another composite
profile or profiles.
-
8/3/2019 Profile Generator
11/11
Authorization
Authorization is the process of giving someone permission
to do or have something.
Authorization is the process of assigning values of the
fields present in authorization objects.
In SAP, access to all systems functionality is achieved
through a complex array of authorizations.
Authorizations are the key building blocks of SAP
security.