{"id":73420,"date":"2021-05-03T08:00:00","date_gmt":"2021-05-03T06:00:00","guid":{"rendered":"http:\/\/e3mag.com\/?p=73420"},"modified":"2025-08-23T14:02:57","modified_gmt":"2025-08-23T12:02:57","slug":"how-to-optimize-sap-authorization-management","status":"publish","type":"post","link":"https:\/\/e3mag.com\/en\/how-to-optimize-sap-authorization-management\/","title":{"rendered":"How to Optimize SAP Authorization Management"},"content":{"rendered":"<p>For companies and employees alike, the definition and allocation of roles and authorizations in ERP systems offer a high level of security and transparency\u2014at least in theory. In reality, authorization management is often in disarray, its handling unstructured, leading to serious security concerns. As dangerous as neglected role and authorization management can be, the time and effort required for a thorough manual evaluation of all roles and authorizations are almost impossible to spare. However, new intelligent software tools promise to tackle this challenge, offering companies a realistic opportunity to sustainably optimize their authorization management without Herculean effort.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Old and new roles<\/h3>\n\n\n\n<p>In SAP systems alone, there are roughly 150,000 transactions that can be assigned to individual users, user groups, roles, or composite roles. Experience shows that new users, roles, and authorizations are added fairly regularly, but the existing ones are rarely reviewed. More often than not, their number only gets reduced if an employee decides to leave the company. This doesn\u2019t come as a surprise. Systems that have been organically growing over years, even decades, accumulate quite a lot of data to sift through. 
Reviewing each and every authorization the traditional (manual) way would be nearly impossible, not least because many companies do not yet even use so-called tracing to see which user utilizes which authorizations.<\/p>\n\n\n\n<p>At the same time, the security risks that arise from an inadequate authorization concept are not to be underestimated. 
One example would be if an employee in procurement switches to accounting while keeping their procurement authorizations, registers themselves as a supplier and pays their own invoices for goods that were never ordered or delivered\u2014and this is only the beginning. Security concerns are exacerbated by the Covid-19 pandemic and the (forced) trend towards remote work. Opening up internal systems for external access carries an inherent risk either way, but at least all authorizations should be consistent to avoid becoming an easy target for cybercriminals. Only then can unauthorized access to critical information be prevented and mistakes due to lack of transparency and an inadequate authorization concept be avoided.<\/p>\n\n\n\n<p>Furthermore, if your authorization management is in disarray, you could be paying more for your licenses than you realize. A common example: paying for licenses for users that neither need nor use the programs. Authorization management is therefore also important when it comes to audits. High time, then, to start reviewing and decluttering one\u2019s own authorization management. The good news is that there are new intelligent solutions available that help companies untangle their unmanageable authorization concepts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Tracing is the foundation<\/h3>\n\n\n\n<p>A good starting point is to implement access tracing, as it shows which users use which authorizations and roles the most. Every access and action is documented for six to twelve months to provide a solid data basis for reviewing which authorizations, roles, and licenses are actually needed. Based on the tracing data, intelligent new software solutions such as the Sivis Reduction Manager review every recorded action automatically. All roles or authorizations that have not been used during the tracing period are sent to the responsible employee for review. 
<\/p>\n\n\n\n<p>The same goes for role constellations that seem inconsistent, like parallel authorizations for procurement and accounting. The biggest benefit of intelligent software solutions in this case is that not all existing authorizations have to be reviewed, but only the ones that can be assumed to be out of date. At the same time, the manual review and decision-making process ensures that authorizations are not erroneously taken away. After all, there are some legitimate reasons why authorizations might not have been used for a longer period of time.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Automated suggestions<\/h3>\n\n\n\n<p>For security and cost efficiency reasons, quality, transparency and consistency of the authorization management are indispensable. Up to now, redesigning existing systems was hardly feasible due to the high amount of work involved. Innovative software solutions now offer companies the opportunity to automatically scan, evaluate, and compare all authorizations. Striking constellations that seem out of date or inconsistent are sent to the responsible employee for review, to avoid erroneously deleting legitimate roles or authorizations. Consequently, the required effort can be reduced significantly. 
Some providers like Sivis offer a combination of software solutions and service, further reducing the effort involved for companies.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/e3mag.com\/wp-content\/uploads\/2025\/08\/2104_sivis_E_web.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">PDF in English<\/a><\/h2>","protected":false},"excerpt":{"rendered":"<p>The definition and assignment of roles and authorizations is crucial for ERP systems, as they allow companies to define and implement user access rights in processes and 
workflows.<\/p>","protected":false},"author":2126,"featured_media":73443,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pmpro_default_level":"","footnotes":""},"categories":[5,39097],"tags":[1967,15850],"coauthors":[37982],"class_list":["post-73420","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-management","category-mag-21-04","tag-erp-systeme","tag-sivis","pmpro-has-access"],"acf":[],"featured_image_urls_v2":{"full":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"thumbnail":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-150x150.jpg",150,150,true],"medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",400,180,false],"medium_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-768x346.jpg",768,346,true],"large":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"image-100":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-100x45.jpg",100,45,true],"image-480":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-480x216.jpg",480,216,true],"image-640":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-640x288.jpg",640,288,true],"image-720":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-720x324.jpg",720,324,true],"image-960":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-960x432.jpg",960,432,true],"image-1168":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"image-1440":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-Vid
eoFlow.jpg",1000,450,false],"image-1920":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"1536x1536":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"2048x2048":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"trp-custom-language-flag":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",18,8,false],"bricks_large_16x9":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"bricks_large":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"bricks_large_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",1000,450,false],"bricks_medium":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",600,270,false],"bricks_medium_square":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow.jpg",600,270,false],"profile_24":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-24x24.jpg",24,24,true],"profile_48":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-48x48.jpg",48,48,true],"profile_96":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-96x96.jpg",96,96,true],"profile_150":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-150x150.jpg",150,150,true],"profile_300":["https:\/\/e3mag.com\/wp-content\/uploads\/2021\/04\/shutterstock-1813934876-VideoFlow-300x300.jpg",300,300,true]},"post_excerpt_stackable_v2":"<p>The definition and assignment of roles and authorizations is crucial for ERP systems: it allows access rights not only to be formally granted but also to be 
firmly embedded in company processes and the workflow.<\/p>\n","category_list_v2":"<a href=\"https:\/\/e3mag.com\/en\/category\/it-management\/\" rel=\"category tag\">IT-Management<\/a>, <a href=\"https:\/\/e3mag.com\/en\/category\/mag-21-04\/\" rel=\"category tag\">MAG 21-04<\/a>","author_info_v2":{"name":"Philipp Latini, Pointsharp","url":"https:\/\/e3mag.com\/en\/author\/philipp-latini\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/73420","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/users\/2126"}],"replies":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/comments?post=73420"}],"version-history":[{"count":2,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/73420\/revisions"}],"predecessor-version":[{"id":154325,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/posts\/73420\/revisions\/154325"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media\/73443"}],"wp:attachment":[{"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/media?parent=73420"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/categories?post=73420"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/tags?post=73420"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/e3mag.com\/en\/wp-json\/wp\/v2\/coauthors?post=73420"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}