SAP HR deals with private employee data much of which might be of sensitive nature. As a result the HR security is typically more stringent that security for the other SAP modules. In a lot of non HR applications, security is more geared towards prevention of wrongful entry of data into the system. However, in the case of HR, even the display of private data might lead to non compliance with prevailing laws and regulations.
Other than the overtly sensitive nature of HR data,another reason of separating it out into its own category on this site is to emphasize two unique provisions in HR.
- Firstly, most of SAP security is based on positive authorization, i.e presence of a particular authorization in the user buffer gives access to new functionality. HR is one area where negative authorization can also be used in addition to the existing positive authorizations. Negative authorization in this case prevents an user from accessing some application due to the presence of a certain authorization in his user buffer.
- Secondly, HR uses structural authorizations to restrict HR access to a certain hierarchy within an authorization independent to the general authorizations assigned through roles.
Leave A Comment?
You must be logged in to post a comment.