profile generator

8/3/2019 Profile Generator

1/11

Profile Generator


2/11

Learning Objectives

Security

Introduction of PFCG

Types of Roles

Authorization

About Tutorial

Getting Started


3/11

SECURITY

The purpose of security is to protect an organizationsinformation by restricting access to those that need to

know.

Defense against financial failure: Measures taken as a

precaution against theft, sabotage or espionage.PrincetonUniversity

Do not leave security to chance as unauthorized execution

can lead to fraud, collusion or other illegal activities.

These risks can be mitigated through proper securitycontrols.


4/11

Why To Have Security?

Reasons

Cooperate espionage

Sabotage Disgruntled employees

Hackers

Fraudulent activities (remove temptation)


5/11

Security Expectations

Protection of Data

Laws (Personal information HR, Sarbanes Oxley)

Agreements (Between vendors and suppliers)

Policies enforceable Cost Benefit Relation

Security comes at a cost

Impossible to make system 100 percent secure

Be Transparent

Minimise obstruction of companies business processes


6/11

Types OF Security


7/11

PFCG An SAP delivered tool that is used to develop role based

security

Each user would have roles that provide access to the

activities that he or she needs to perform

Each role contains authorizations that the user is allowed toperform

For example, the Credit Manager would have a different

set of access for Accounts Receivable data than a Accounts

Receivable clerk. Both need access to A/R, but theyperform different update tasks. These tasks are stored in

roles.


8/11

User, Role and Authorization

SAP AG 1999

Createpurchase

requisition(ME51)

Orderpurchaserequisition

(ME58)

Releasepurchase

requisition(ME54)

Employees have roles with specific functions and need authorizations for these functionsEmployeesEmployees have rolesroles with specific functionsfunctions and need authorizationsauthorizations for these functions

Users, Roles, and Authorizations

KarenKaren

SusanSusan

JohnJohn

Procurement

Employee

Servicerepresentative

EmployeeService

representativeManager

Employee

Purchaser

Authorization to create

purchase requisitions

Authorization to releasepurchase requisitions

Authorization to createpurchase orders


9/11

Types of Roles in PFCG

ROLE: Roles define static collections of

privileges that define broad user access

rights and definitions.

There are 2 types of roles in PFCG:

1. Single role Profile

2. Composite role Profile


10/11

Types of Roles in PFCG (cont.)

Single Role Profile: Single profile is the simple set up which links the activities

within the roles to a profile.

The single profile will have access to a set of specific

systems under authorization for that user.

Composite Role Profile:

Composite profiles refer to the various employee roles

available in the corporation. A composite profile may encapsulate another composite

profile or profiles.


11/11

Authorization

Authorization is the process of giving someone permission

to do or have something.

Authorization is the process of assigning values of the

fields present in authorization objects.

In SAP, access to all systems functionality is achieved

through a complex array of authorizations.

Authorizations are the key building blocks of SAP

security.

profile generator

Documents