SAP Security & GRC

Soterion

Soterion’s SAP Security & GRC podcast with host Dudley Cartwright, helping you on your journey to effective access risk management in SAP.Soterion is an international leading provider of GRC and FUE Licensing solutions for organisations running SAP. Our user-friendly, plug-and-play software integrates immediately into the SAP environment — S/4HANA ready, award-winning, and designed to translate complex GRC processes into business-friendly language. Soterion believes that effective GRC is measured by how well business users can manage access risk. Our solutions empower organisations to enhance risk awareness, drive better decision making, and build accountability across every level of the business — because access risk is business risk.

  1. -7 ч

    How to Set Up and Analyse STUSERTRACE

    Listen to the SAP Security & GRC podcast – helping you on your journey to effective access risk management in SAP.  In this episode, Ross Robertson walks through the SAP User Authorisation Trace (STUSERTRACE) – a long-term authorisation trace that records unique authority checks per user in the background, making it invaluable for everything from day-to-day authorisation management to full role redesigns. Where STAUTHTRACE (covered in E09) captures a short window of activity, STUSERTRACE keeps a long-term history you can analyse months – even a year – later.  🔑 Key Takeaways:  What STUSERTRACE is and how it differs from the short-term STAUTHTRACE How it stays lightweight by logging each unique authority check only once per user How to activate it via the auth/authorization_trace profile parameter – and why you set it in both the dynamic (RZ11 / RZ10) and static (RZ10) profiles Parameter values explained: N (off), Y (active, no filter), F (active with a filter) – and why Soterion recommends F with exclusions Which users and authorisation objects to exclude (e.g. high-volume objects with constantly changing fields like order numbers) to protect system performance How to evaluate results by user, application type, authorisation object, check result, CDS entity, and date range Real consulting use cases: building SU24 authorisation defaults from real usage and excluding developer / firefighter activity from business-as-usual role design  Featuring:  Ross Robertson – Senior SAP Authorisations Consultant, Soterion

    19 мин.
  2. 31 мар.

    Technical Series: How to Create and Maintain Fiori Spaces & Pages

    Listen to the SAP Security & GRC podcast – helping you on your journey to effective access risk management in SAP.   In this session Ross Robertson focuses on the creation, maintenance, and administration of Fiori Spaces and Pages, which determine how SAP Fiori applications are organised and presented to end users.  🔑Key Takeaways:   • Fiori Spaces are the top level of the Launchpad structure and are used to organise business functions for end users.  • Pages and Sections help structure apps within a Space, making it easier for users to navigate and access the tools they need.  • Fiori Tiles are placed inside Sections and represent the individual applications users interact with.  • Keeping configurations lean and well-structured improves SAP Fiori Launchpad performance and reduces load times.  • Both Fiori Catalogues and Spaces must be assigned to roles to ensure users can access the correct apps in the Launchpad.  Through this walkthrough, viewers gain a practical understanding of how to configure Fiori Spaces and Pages effectively, ensuring users can quickly access the applications they need while avoiding performance issues caused by over-allocation of tiles and target mappings.    Don’t miss out on insights from:  Ross Robertson – Senior SAP Authorisations Consultant - Soterion     For more episodes visit: https://soterion_sapsecuritygrc.buzzsprout.com/

    13 мин.

Об этом подкасте

Soterion’s SAP Security & GRC podcast with host Dudley Cartwright, helping you on your journey to effective access risk management in SAP.Soterion is an international leading provider of GRC and FUE Licensing solutions for organisations running SAP. Our user-friendly, plug-and-play software integrates immediately into the SAP environment — S/4HANA ready, award-winning, and designed to translate complex GRC processes into business-friendly language. Soterion believes that effective GRC is measured by how well business users can manage access risk. Our solutions empower organisations to enhance risk awareness, drive better decision making, and build accountability across every level of the business — because access risk is business risk.