Q

Purchase request authorization with specifically coded user exits

I am an SAP R/3 4.6 security administrator and after a chat with our SAP consultants I understood that they have created some user-exits for the purchase request process (specifically the release strategy). They claim that the exits they have created define the order of the approvals that have to be made and as such even when the user has the authorization to approve a purchase request (tcode: ME54), he or she will not be able to unless it's their turn for approval. The SAP consultants have not documented the functioning of the exits they have created. However, by performing a review of the users authorizations (through RSUSR002) I have found that 60% of users are able to make approvals for the manager level (that should be around 5% of users). How can I better check that the process is adequatly secured? Could it be that the 60% of users cannot perfom an approval at the manager level because of the exit? Note that they have all the required authorizations and transaction (ME54) for that.
Unfortunately, since the consultants coded in specific user exits for the approval functionality, none of the SAP delivered reports are going to be reliabe in determing who has what (unless the code is looking for a specific auth value). It sounds like that built some sort of workflow functionality into the transaction to allow it to wait for different approvers. I would have an ABAP person evaluate the code and document its intentions.
This was first published in April 2003

Dig deeper on SAP security administration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close