Investigate - ECC roles for retirement.
I am trying to investigate and find roles that can be retired in the ECC system. How do I come up with a list of roles that are ready for retirement (due to unuse or wrong naming convention, etc,etc)?
What are the questions I should be asking?
I have tried to follow the below approach, but it doesn´t seem to be effective enough:
note- From hereon, when I mention roles, it means Z-Roles only.
Please find the method I used to analysis the issue below:
***************************************************************************
Requirement: Investigate - ECC roles for retirement.
(Self made points below)
1. Document all roles in ECC, that have never been assigned to any user.
2. Document all the roles in ECC, that do not have any users assigned to
it since atleast one year.
3. Document all the roles in ECC, that are forbidden to be assigned to
any roles.
4. Document all the roles in ECC, that do not follow the standard naming
convention defined by the organisation.
My question - Should I extend this list?
****************************************************************************
Analysis:
Transactions used extensively during analysis:
SE16 Data browser
SUIM User Information system
S_BCE_68001425 Roles by Complex Criteria
PFCG Role Maintenence
Tables user extensively during analysis:
AGR_AGRS Roles in Composite Roles
AGR_DEFINE Role definition
AGR_USERS Assignment of roles to users
Actions taken, to reach the solution:
1. Single Roles - Without assignment in the last one year ( There has been no user assignment to these roles for atleast one
year and no changes have been done to the role during this time.
These roles are currently without any user assigned to them.
2.Forbidden roles: These roles are not to be assigned to any users and it
can be strongly recommended that they should be retired.
There are currently no user assignement for this roles.
3. Wrong Naming convention : Roles that donot follow the
standard role naming conventions (as defined). These roles should be
retired.