profiletailor™ dynamics training
TRANSCRIPT
![Page 1: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/1.jpg)
ProfileTailor™ Dynamics Training
HCM Auditor Session
![Page 2: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/2.jpg)
Agenda • Get to know ProfileTailor™ HCM Auditor
• Learn about HCM’s processes and capabilities:
– Usage monitoring
– Authorization inspection
– Ongoing auditing
• Learn about SAP Spool’s processes and capabilities:
– Usage monitoring
– Ongoing auditing
AGENDA
![Page 3: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/3.jpg)
Introducing ProfileTailor™ HCM Auditor Xpandion’s HCM Auditor features:
• Unprecedented visibility of actual real-time authorization usage to SAP®
• Functional and simple management of SAP authorizations for HCM
• Accelerated response to sensitive activity enabling quick and efficient leakage prevention
GET TO KNOW PROFILETAILOR™ HCM AUDITOR
![Page 4: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/4.jpg)
Introducing ProfileTailor™ HCM Auditor The system uniquely monitors:
• User access to employee data in SAP® HCM module – Example: viewing employee’s family status
• User access to employee HCM data in SAP Spool – Example: viewing salary slips
GET TO KNOW PROFILETAILOR™ HCM AUDITOR
![Page 5: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/5.jpg)
Challenge & Demand Organizations face the challenge of:
• Identifying relevant information – what was viewed, who is authorized, who performed, etc.
• Understanding HCM’s SAP authorizations
• Customized alert and alarm system
GET TO KNOW PROFILETAILOR™ HCM AUDITOR
![Page 6: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/6.jpg)
Unique Solution A monitoring tool with unmatched ABAP capabilities, HCM Auditor delivers: • Usage recorded at infotype level for quick and efficient pinpoint of
required information
• Advanced filtering capabilities for simple tracking of HCM SAP authorizations
• Customized events for accessing own HCM information and defining its severity
GET TO KNOW PROFILETAILOR™ HCM AUDITOR
![Page 7: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/7.jpg)
HCM Processes & Capabilities
![Page 8: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/8.jpg)
HCM Usage Monitoring Use HCM Auditor to:
• Monitor users who performed HCM activities on employees
• Monitor employees who were accessed by users
• Generate consolidated view of HCM activities
USAGE MONITORING – HCM
![Page 9: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/9.jpg)
HCM Entities • User – SAP user defined in SAP and exported to PTD
• Employee – actual person defined in HCM SAP
• Infotype – HCM-related information about employee
• Subtype – subgroup of infotype
• Action – actions performed on SAP employee’s data (display, modify, update, delete)
USAGE MONITORING – HCM
![Page 10: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/10.jpg)
HCM Activity on Employees Monitor HCM actions performed:
• Over specific period of time
• On specific SAP employee/all SAP employees
• For specific action performed on employee/all actions performed on employee
USAGE MONITORING – HCM
![Page 11: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/11.jpg)
Monitor users who performed HCM activities on employees
• User > Activity Center > HR Activity Monitoring
USAGE MONITORING – HCM
HCM Activity on Employees
![Page 12: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/12.jpg)
HCM Data Accessed by Users Monitor users who: • Are allowed to access only specific infotype of employee, or all
infotypes
• Are allowed to access only specific subtype of selected infotype, or all subtypes
• Belong to specific/any User Group Type
• Belong to specific/any User Group
• Do not belong to specific User Group
USAGE MONITORING – HCM
![Page 13: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/13.jpg)
Monitor employees who were accessed by users
• Other Objects > HR Module > Employee to Users (Real Use)
USAGE MONITORING – HCM
HCM Data Accessed by Users
![Page 14: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/14.jpg)
HCM Activities – Consolidated View View consolidated matrix of HCM activities
• For each user, the employees whose HCM data was accessed
• For each employee, the users who accessed employee’s data
USAGE MONITORING – HCM
![Page 15: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/15.jpg)
HCM Activities – Consolidated View Generate consolidated matrix of HCM activities
• Other Objects > HR Module > Employees to Users (Real Use)
USAGE MONITORING – HCM
![Page 16: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/16.jpg)
Authorization Inspection Use HCM Auditor to:
• Inspect users allowed to access employee
• View consolidated matrix of HCM authorizations
AUTHORIZATION INSPECTION – HCM
![Page 17: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/17.jpg)
HCM Data Access – Authorized Users Generate report of users allowed to access:
• Only specific infotype of employee, or all infotypes
• Only specific subtype of selected Infotype, or all subtypes
AUTHORIZATION INSPECTION – HCM
![Page 18: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/18.jpg)
HCM Data Access – Authorized Users Generate report of users allowed to access HCM data
• Other Objects > HR Module > Employee to Users (Static)
AUTHORIZATION INSPECTION – HCM
![Page 19: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/19.jpg)
HCM Authorizations – Consolidated View View consolidated matrix of HCM authorizations:
• For each user, the employees whose data a user is authorized to access
• For each employee, the users who are authorized to access the employee’s data
AUTHORIZATION INSPECTION – HCM
![Page 20: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/20.jpg)
HCM Authorizations – Consolidated View Generate a matrix of Employees to Users
• Other Objects > HR Module > Employees to Users (Static)
AUTHORIZATION INSPECTION – HCM
![Page 21: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/21.jpg)
Ongoing Auditing Use HCM Auditor to:
• Monitor high risk HCM activity
• Monitor own access information
• Configure custom events
ONGOING AUDITING – HCM
![Page 22: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/22.jpg)
High Risk HCM Activity • Configure defined combinations of criteria as high risk
HCM audit situations
• For example:
– All actions performed on certain infotypes (pay slip)
– Specific action performed on infotype (salary)
– Action performed by User from specific User Group (programmer viewing pay slip)
ONGOING AUDITING – HCM
![Page 23: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/23.jpg)
High Risk HCM Activity Configure HCM audit situation as high risk
• Configuration > High Risk Objects Configuration > High Risk HR Audit Situations Configuration
ONGOING AUDITING – HCM
![Page 24: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/24.jpg)
High Risk HCM – Event HCM infotype is accessed/modified; the following event occurs:
ONGOING AUDITING – HCM
![Page 25: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/25.jpg)
High Risk HCM Activity – Report Generate report of actions performed on high risk combinations
• Other Objects > HR Module > High Risk HR Activity
ONGOING AUDITING – HCM
![Page 26: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/26.jpg)
Own Access Information Define severity of infotype for own access information
• Configuration > HR Configuration > Infotype Configuration
ONGOING AUDITING – HCM
![Page 27: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/27.jpg)
Own Access Information – Event Own sensitive HR data is accessed; the following event occurs:
ONGOING AUDITING – HCM
![Page 28: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/28.jpg)
Custom Events
• Define business rules, creating custom events
• For Example:
– Situation regarding combination of activities, functions, authorization data and users
– When certain user performs activity on specific data
– PTD records all events on defined objects
ONGOING AUDITING – HCM
![Page 29: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/29.jpg)
Custom Events Define an event
• Configuration > Events and Alerts Configuration > Custom Events.
ONGOING AUDITING – HCM
![Page 30: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/30.jpg)
SAP Spool Processes & Capabilities
![Page 31: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/31.jpg)
SAP Spool Usage Monitoring • SAP users with access to SAP Spool data can access
sensitive information residing in SAP Spool – Example – unauthorized programmer waits for 1st day of month
and uses transaction SP01 to view pay slips of other employees
• Use HCM Auditor to monitor: – Users who performed actions on SAP Spool
– Actions performed on SAP Spool items
USAGE MONITORING – SAP SPOOL
![Page 32: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/32.jpg)
SAP Spool Entities • User – SAP user defined in SAP and exported to PTD
• Spool Item – activity output in SAP Spool
• Action – actions users perform on SAP Spool (display list, print, reprint, delete)
USAGE MONITORING – SAP SPOOL
![Page 33: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/33.jpg)
SAP Spool Actions – by Users Monitor SAP Spool actions performed by users:
• Over specific period of time
• On specific SAP employee/all SAP employees
• For specific action performed on employee/all actions performed on employee
USAGE MONITORING – SAP SPOOL
![Page 34: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/34.jpg)
Generate report of SAP Spool actions performed by users
• User > Activity Center > SAP Spool Activity Monitoring
USAGE MONITORING – SAP SPOOL
SAP Spool Actions – by Users
![Page 35: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/35.jpg)
Actions on SAP Spool Items View records of actions performed:
• On specific SAP Spool item/items containing specific string
• By users of specific User Group Type/User Group
• By users of no specific User Group
• On SAP Spool items user did not create
USAGE MONITORING – SAP SPOOL
![Page 36: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/36.jpg)
Actions on SAP Spool Items Generate report of actions performed on SAP Spool
items
• Other Objects > SAP Spool > Search for Spool Activity
USAGE MONITORING – SAP SPOOL
![Page 37: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/37.jpg)
Ongoing Audit Use HCM Auditor to monitor high risk SAP Spool activity
• Define combination of criteria as high risk SAP Spool activity
• For example: – Monitor actions performed on combinations defined as high risk
– User performs high risk combination not included in usage profile
ONGOING AUDITING – SAP SPOOL
![Page 38: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/38.jpg)
High Risk SAP Spool Activity Generate a report of actions performed on high risk
combinations
• Other Objects > SAP Spool > High Risk SAP Spool Activity
ONGOING AUDITING – SAP SPOOL
![Page 39: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/39.jpg)
High Risk SAP Spool Activity SAP Spool item is accessed; the following event occurs:
ONGOING AUDITING – SAP SPOOL
![Page 40: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/40.jpg)
Questions?
![Page 41: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/41.jpg)
Key Takeaways √ Obtain relevant & precise information easily √ Optimize use of HCM SAP authorizations √ Enhance ongoing auditing performance
KEY TAKEAWAYS
![Page 42: ProfileTailor™ Dynamics Training](https://reader031.vdocuments.site/reader031/viewer/2022012011/61d9cce87bada93b3517a854/html5/thumbnails/42.jpg)
Thank You!