Konferenzbeitrag
Sicherheitsmanagement mit SAP R/3-Systemen – Vorgehensmodell zur Implementierung eines R/3- Berechtigungskonzeptes
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Zusatzinformation
Datum
2002
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
Modern business IT applications pose, due to their complexity and their integration into various business processes, several formerly unknown issues and problems. In particular, the need to ensure that the new business processes are in line with implemented software functions, arises. Appropriately defined controls need to be in place in order to protect against unauthorized modification or usage of both, critical data and sensitive programs. This paper outlines, how a tailored authorization concept can provide support in reaching these targets. It relates to the standard ERP application SAP R/3. A framework which allows for the definition of detailed access controls within R/3 is described. In general, this paper focuses on a 10-step methodology to define and implement an authorization concept which is based on a workplace-approach to meet current security, business and legal requirements.