The collector for user authorization findings is named: /DVD/MON_GRC_CL_COL_USR_AUTH.
It collects KPIs about the authorizations of users. The KPIs are defined via KPI definition and input table /DVD/MON_GRCUAI1.
Input table /DVD/MON_GRCUAI1 sets extended KPI definition with the following fields:
KPI | KPI name |
KPI rule num | KPI Rule Number |
SID | System ID |
Auth type | Authorization type |
Auth name | Authorization |
Only new | Report only new findings |
Add to detail | Add relevant records to details |
Active | Is KPI rule active? |
Created by | Created by user [automatically filled] |
Created at | Created at [automatically filled] |
The collector provides also detailed output in a detail table for relevant KPIs. The detail table is called: Users with their search authorizations - /DVD/MON_GRCUAD1 with the following fields:
KPI name |
User Name |
Authorization type |
Authorization |
Some KPIs are provided in standard delivery with the collector as examples:
KPI name | Description | Unit |
---|---|---|
GRC_AUTH_ALL | Number of user with full authorization (SAP_ALL,SAP_NEW) | Count |
GRC_AUTH_ALL_O_N | Number of NEW users with full authorization (SAP_ALL,SAP_NEW) | Count |
NOTE: All standard user authorizations KPIs have prefix GRC_AUTH*