Expand +



8 Tips to Achieve More Efficient Authorization Incident Management

How Your IT Staff Can Streamline SAP Authorization Issues

by Stephen DuBravac | SAPinsider, Volume 15, Issue 4

October 1, 2014

SAP’s robust authorization model coupled with the constant technical and organizational changes within an enterprise means authorization incidents are inevitable — and annoying. But with new tools and emerging practices, security administrators can dramatically reduce the number and severity of incidents. Discover eight ways you can streamline your authorization incident management process.


Few security issues annoy end users more than when they are unable to complete a task because of a failed authorization check, bringing their work to a standstill. Authorization issues irritate administrators as well, as they require hours of research, disrupt work, and delay interesting projects. These incidents are often urgent, ambiguous, and adversely affect IT’s customer satisfaction scores.

New tools, such as Authorization Help from Security Weaver, reduce the effects of incidents. Security Weaver recommends eight strategies to streamline the authorization incident management process:

1. Integrate Authorization Incident and Authorization Request Processes

The initiating causes, success measures, and challenges of authorization incident and authorization request processes are materially different, so the design and management of the processes must be separate. However, because the resolution of an authorization incident often initiates an authorization request, it is best to provide triggers for the provisioning process as part of the incident management process.

2. Automate Ticket Creation and Data Collection

Automated ticket creation means end users face less hassle in notifying IT about their specific issues. Automated data collection fills tickets with robust, consistently formatted data, accelerating both incident and problem management processes for IT.

3. Provide Easy Access to Policy Documentation

Users must quickly determine if their authorization issue is due to a policy constraint or an assignment error. By helping users quickly determine that the issue should be escalated to auditors and business owners instead of IT, security administrators can minimize misdirected requests for access and reduce ticket volume.

4. Integrate Authorization Incident Tickets with a Service Management Platform

This allows users to leverage status-tracking capabilities and auditors to trace authorization changes back to the source. Meanwhile, IT can keep security processes aligned with IT operational processes.

5. Automatically Recommend Options to Users

Unnecessarily locking valid critical transactions that a user needs is one of the fastest ways to lower IT satisfaction survey scores. Depending on the nature of the transaction and the existing authorization privileges, users should be offered suggestions that alert them to alternative ways of processing a transaction. This capability should be configurable so that management, auditors, and security personnel can be assured that the recommendations support security policies.

6. Add User Transaction Data to the Automated Ticketing Process

It’s important to capture detailed user transaction data to expedite research and remediation, as it provides the necessary context and reduces the need for users to re-run transactions under trace conditions.

7. Automatically Recommend Role Assignments

Segmenting roles based on inventory, policies, and user metrics can lead to smart role recommendations. Role owners and IT can then quickly determine if an issue is due to the design of a role, its configuration of authorization objects, or a missing assignment. 

8. Automate Role Testing

Regression errors and design bugs can sneak into production. Proper testing can go a long way toward reducing the number of authorization incidents.

Learn More

SAP’s robust authorization model coupled with the constant technical and organizational changes within an enterprise means authorization incidents are inevitable. However, some security administrators are able to radically reduce the number and severity of these incidents to streamline their authorization incident process. To learn more, download our white paper at

An email has been sent to:


Stephen DuBravac
Stephen DuBravac

Executive Vice President
Security Weaver

More from SAPinsider


Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!