- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- User Community access to SUIM
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
User Community access to SUIM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2007 4:29 PM
Hi,
I’m new to SAP security, but I’ve worked with SAP for a number of years. A user is requesting SUIM access because she needs to review her roles bi-annually for SOX audits. I have never seen this transaction given out to the user community and just want to give an answer other than “It just isn’t done!”. Can you please explain to me why or why not this transaction or part of this transaction should or shouldn’t be extended into the user community? Thank you!
Regards,
Gregory A Pioch
SAP/EDI Analyst, Information Services
Inverness Medical Innovations/Unipath
2 Research Way
Princeton, NJ 08540
Work: (609) 627 - 8034
Cell: (201) 956 - 0038
Fax: (609) 672 - 8013
E-Mail: greg.pioch@invmed.com
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2007 4:41 PM
Greg,
SUIM is a display only transaction. It is suitable IMHO to be given to end users for access reviews.
Also, you can review the different transactions on each of the nodes and restrict them as you feel appropriate. Such as not giving out change documents, role comparisons and by logon date password change.
Cheers,
Ben
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2007 4:41 PM
Greg,
SUIM is a display only transaction. It is suitable IMHO to be given to end users for access reviews.
Also, you can review the different transactions on each of the nodes and restrict them as you feel appropriate. Such as not giving out change documents, role comparisons and by logon date password change.
Cheers,
Ben
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2007 8:24 AM
Well, SUIM allows the user to determine not only his/her own authorizations / roles and to evaluate the corresponding change documents - but the user can also request information on other users.
Maybe transasction SU56 would be sufficient for SOX requirements.
SU56 does only list the authorizations assignments of the own user.
Unfortenately it refers to the technical assignments (profiles) rather than the more abstract role assignments.
Cheers, Wolfgang
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2007 4:41 PM
I'm new to security as well, but I find SUIM very valuable to auditing authorizations. We've granted it to our security admin role as well as our security auditor role (which includes SM18, SM19, and SM20 as well).
I don't think its necessary for very many users, but I do think its appropriate for those who do security audits for compliance and SOX.
Regards,
Erik Jensen
- SAP Managed Tags:
- Security
