I would run a trace on those accounts for a specified period of time. This should give you a baseline of the authorizations that are being used. The Trace transactions are fairly easy to use (ST01). There is a lot of documentation available on how to use them in the 'Authorizations Made Easy' books.
Dig Deeper on SAP security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.