System Authorization Profile Misuse
Discover how DefenceMore OCA for SAP detects and monitors the assignment of powerful system authorization profiles.
Case Study #004.01
Scenario
The S_A.SYSTEM authorization profile has been assigned to a newly created user.
Impact
The S_A.SYSTEM authorization profile is a powerful profile that includes numerous authorizations. When this profile is assigned to a user, system administrators must be notified promptly.
DefenceMore OCA Capabilities
Defencemore OCA's A002 and A003 controls list newly assigned profiles to users. Additionally, the A019 control detects and reports if the S_A.SYSTEM authorization profile has been assigned to a newly created user.
Related Checks
- A002 Critical Profile History
- A003 Critical Profile Users
- A004 User Master Record Changing
- A019 Last Created Users