SAP GRC Superuser Privilege Management



Similar documents
Active Directory Integration for Greentree

Online eopf Self-service Feature for Login ID and Password Retrieval for New Users

Connecting to HomeRun over the Web

Education Solutions Development, Inc. APECS Navigation: Business Systems Getting Started Reference Guide

Publishing with Adobe Presenter 10 (Detailed)

This web-based report provides information for single funds centers. The report can be run for one funds center or multiple single funds centers.

ONBASE OUTLOOK CLIENT GUIDE for 2010 and 2013

IT HELP Desk Dashboard ManageEngine Service Desk Plus User Guide

User Guide. SysMan Utilities. By Sysgem AG

A) Setting Screen Resolution to 1024 x 768

ParishSOFT Remote Installation

IFAS 7i Department Accounts Payable

Introduction to ilab Solutions for Core Directors and Staff

Note: With v3.2, the DocuSign Fetch application was renamed DocuSign Retrieve.

Using the Content Distribution Manager GUI

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

Exercise Safe Commands and Audit Trail

Selection Manager: Quick Start Guide

ONLINE TEST ADMINISTRATION

An Associate of the UOB Group A UTRADE FX ELITE QUICK START GUIDE

Deltek Touch Time & Expense for GovCon. User Guide for Triumph

Event Management System (EMS) Room Scheduling Guide

Telecom Systems Billing Application User Guide

ABAP Debugging Tips and Tricks

Quick Help Guide SAP CRMS Login, Navigation and Layout

Set up Delegate & Travelers

Training.sap.com User Guide

account multiple solutions

Help Desk Web User Guide

Instant Messenger Operator Manual

Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal

Prevue Online How-To Guide Managing a Branch Account

OnPoint 7.0 Tools and Functionality

ESL Business Internet Banking ONLINE GUIDE. Revised 05/15

Secure File Transfer Guest User Guide Updated: 5/8/14

Mechanics Bank Mobile Banking Mobile Finance Manager (MFM) Application Windows Mobile Phone Installation

PULSE Dashboard Administrator Guide (Updated 2/19/15)

EventTracker: Integrating Imperva SecureSphere

Minimize Access Risk and Prevent Fraud With SAP Access Control

Law Society of Alberta User Guide Trust Safety Accounting Upload - PCLaw and SFTP Software

SQL Server Automated Administration

QuickBooks Business Accounting Software for Windows

How to Configure an Example SAP Cloud Applications Studio (PDI) Solution for SAP Cloud for Customer

How to Access Charge Card Training

Ready to get started? Click the button below to tell us which account number you currently have:

Automated backup. of the LumaSoft Gas database

User Guide Trust Safety Accounting Upload PC Law and SFTP Software Release: Final Date

Table of Contents. 1. Content Approval...1 EVALUATION COPY

EMPLOYEE USER GUIDE. Rev. 7/18/12

Maximizing Performance on Cognos, Workflow, and BDMS

TeamViewer 9 Manual Management Console

Online Banking User Guide

Creating Bill of Materials with Winshuttle Transaction

In this topic we will cover the security functionality provided with SAP Business One.

Training Manual Version 1.0

Travel & Expense Reimbursement System Information IBM GERS SYSTEM

USER MANUAL KNOWLEDGE CENTER - PORTAL

CCS sales order document flow Android 3.0 version. Content and purpose of the application

Fax Regis University RightFax Services for Faculty & Staff

How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On

Last updated: October 4, einvoice. Attorney Manual

SAP Business Intelligence ( BI ) Financial and Budget Reporting. 2nd Edition. (Best Seller Over 1,000,000 copies sold)

Radian Mortgage Insurance

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Log-in to the patient booking website

Lawson Portal User s Manual

RP Pocket PC Scanner Reference Manual For PPT8800

Integrating LANGuardian with Active Directory

525 South 29 th Street. Harrisburg, PA Learning Management System User s Guide

Course Inventory Management System: Beginners Guide

System Administration Training Guide. S100 Installation and Site Management

CONNECT MANAGER SUPPLY ORDER MANAGEMENT TOOL 3.5 MANUAL

Customer Database Pro Tutorial

Novell ZENworks Asset Management 7.5

Baylor Secure Messaging. For Non-Baylor Users

Problem: Logging on to UT Southwestern Student Center

Remote Access VPN SSL VPN Access via Internet Explorer

SAP BusinessObjects GRC Access Control 10.0 New Feature Highlights and Initial Lessons Learned

Kaseya 2. User Guide. Version 1.1

ENABLE LOGON/LOGOFF AUDITING

A-AUTO 50 for Windows Setup Guide

Introduction. Activating the CFR Module License. CFR Configuration

SWISSQUOTE MT4 TERMINAL

Magento Extension Point of Sales User Manual Version 1.0

Manual. 3CX Phone System integration with Microsoft Outlook and Salesforce Version 1.0

ASSET TRACKING SYSTEM

MAC OS X 10.5 Mail Setup

ACR Triad Site Server Click Once Software System

INsight Call Center Users Guide

Support System User Guide

VERALAB LDAP Configuration Guide

Create Company. User Guide

Agent Tasks. Dial from Directory 1. In the Content panel, select the target directory. 2. Click the phone number you want to call.

Enterprise Reporting Advanced Web Intelligence Training. Enterprise Reporting Services

This exhibit describes how to upload project information from Estimator (PC) to Trns.port PES (server). Figure 1 summarizes this process.

How-To Guide SAP Cloud for Customer Document Version: How to Configure SAP HCI basic authentication for SAP Cloud for Customer

Unified Monitoring Portal Online Help Account Admin

XCM Internet Explorer Settings

Transcription:

SAP GRC Superuser Privilège Management September 26, 2007 English SAP GRC Superuser Privilege Management Business Scenario Script for Discovery System version 3 SAP AG Neurottstr. 16 69190 Walldorf Germany

Contents Introduction... 3 Begin the Demo... 3 Select the Firefighter Transaction... 3 Perform the Firefighter Task... 4 Review the Audit Reports... 9H8 SAP AG Page 2 of 9

Introduction SuperUser Privilege Management (formerly called Firefighter) application allows personnel to take responsibility for tasks outside their normal job function. Firefighter describes the ability to perform tasks in emergency situations. Firefighter enables users to perform duties not included in the roles or profiles assigned to their user IDs. Firefighter provides their extended capability to users while creating an auditing layer to monitor and record Firefighter usage. Firefighter is an ABAP-based and web-based application that automates all activities related to firefighting. Firefighter temporarily re-defines the IDs of users when assigned with solving a problem, giving them provisionally broad, but regulated access. There is complete visibility and transparency to everything done during the period. In this document we will be demonstrating Firefighter usage and reports of Firefighter usage. Begin the Demo Log into the SAP ABAP System: Connection Type: Custom Application Server Application Server: SAPDiscoverySystem System Number: 10 System ID: ERP User ID: Jsmith Password: sarbanes1 Select the Firefighter Transaction A Super user activates the Firefighter transaction, notice how it is completely embedded in SAP, just like any other SAP transaction, providing ultimate efficiency. On the SAP Easy Access screen you should see a favorite: 1. Double Click this favorite NOTE: If the is not one of the favorites, you can manually launch the transaction: /n/virsa/vfat SAP AG Page 3 of 9

Perform the Firefighter Task... Super users can see that they have pre-assigned access to a Firefighter ID. Super users can have one or many super user roles but will only see the ones they have access to. These ID s give privileged access into SAP and the fact that it is pre-assigned means that the user is already trained on the application and ready to support it, but DOES NOT have to wake someone up in the middle of the night to request access in an emergency situation, they can very efficiently login right from here. Each ID provides security and controls for the access granted. Each ID has specific authorization rights, is pre-assigned to specific users, and has a validity date. When the ID is used Firefighter tracks who has used it and keeps a detailed log of every change made in the system while it was in use and even e-mails the log to a controller for review. From here simply logon to the Firefighter ID: FF_VENDORS = Vendor Maintenance. 1. Click the LOG ON button to start a session with the Firefighter ID: FF_VENDORS. A dialog Box should appear asking for information. Field / Drop-down Reason Description Activity Data Select from Drop-down: MONTH END CLOSE Type in: Update vendor address for checkrun Type in: XK02. SAP AG Page 4 of 9

2. Go back into the ERP session for John Smith 3. Click the Green Check to proceed. This will trigger 2 events. The first thing you will notice is that it has put you in a new session. In this new session you can only execute the capabilities/transactions authorized or mapped to this FF ID = FF_VENDORS ID. 4. Click on the Start SAP Easy Access button. Here you should see a number of options to perform vendor master related activities. 5. Double Click on the Change vendor (centrally) option. Now we will modify an existing vendor s information. Field Data Vendor General Data A9999 = Ogden Manufacturing Check-off the Address box NOTE: Selecting any other vendor will not work. SAP AG Page 5 of 9

6. Click the Green Check to proceed. Change the Street/House number to other value which is currently in the field. SAP AG Page 6 of 9

7. Press ALT + TAB This will take you back to the Firefighter main menu. Where you can show that the FF_VENDORS Status Box has a red light meaning no one can use this ID right now. This maintains a clean audit trail because there is only one user of this ID allowed at a time. 8. Press ALT and TAB. This will take you back to the Vendor Maintenance session. 9. Click the Save Icon 10. Click the Exit Icon You have now returned to the firefighter session. You also triggered another alert that went to the FF_VENDORS controller (Fox Wilson) and this time the email not only had the reason and activity you entered but also includes all the transactions you executed while in the firefighter role. The system will also display Change details for transactions that the SAP Change Header table tracks. 11. Click on the Refresh Icon This will change the Red Status indicator to Green showing that someone may now access the FF_VENDORS. SAP AG Page 7 of 9

Review the Audit Reports 1. Select the Firefighter report Icon 2. Select the Update Firefighter Log button. A dialog comes up with message Background job active for firefighter. Run transaction SM37 to review. SAP AG Page 8 of 9

3. Click on green check box and wait for 30 seconds. 4. Select the Firefighter report Icon, a second time. This presents you with a dialog box that allows you to filter the firefighter log report using many different selection criteria. In this case we are going to select the AP firefighter Field Firefighter Date Data Jsmith Today s Date 5. Click the Execute Icon. Here you will see the audit log for John s Firefighter session. 6. Click the Expand All Icon. This will expand the data so you can show the audit trail for a particular entry. You can discuss the expanded data showing the transactions that were performed and also in some cases the change Header data that was captured as well. SAP AG Page 9 of 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information