Authorization Concept for SAP S/4HANA and SAP Business Suite (ADM940)



In this course, you will learn about SAP authorization concepts using SAP ECC. For the most part, however, they can be applied to other components. A fundamental knowledge of the SAP environment is essential for this course.

This course is based on software release ERP 6.0 with EHP7.


  • C_AUDSEC_731 - SAP Certified Technology Associate - SAP Authorization and Auditing
  • P_ADMSEC_731 - SAP Certified Technology Professional - System Security with SAP


  • Program / Project Manager
  • System Architect
  • System Administrator


  • Basic or advanced courses in at least one application area is recommended

Learning Objectives

  • Elements, strategies, and tools of the SAP authorization concept
  • Create and assign authorizations using the Role Administration / Profile Generator
  • Principle usage of the NetWeaver Identity Management and Central User Administration (CUA)

1. Authorizations

  • Describing Authorization

2. Authorization Concepts for Compliant Identity Management

  • Designing Authorization for an AS ABAP-Based System
  • Implementing Authorization for an AS ABAP-Based System

3. Authorization Terminology

  • Defining the Authorization Elements and Terms
  • Checking Authorizations in ABAP Systems

4. User Maintenance

  • Maintaining User Data

5. Basic Role Maintenance

  • Defining a Role
  • Defining Authorizations in a Role
  • Defining Customizing Roles
  • Creating Composite Roles
  • Creating Reference and Derived Roles
  • Maintaining Roles for SAP NetWeaver Business Client

6. Advanced Role Maintenance

  • Applying the Special Functions of Authorization Maintenance
  • Defining Authorizations for a System User

7. Authorization Environment Configuration

  • Installing and Upgrading Role Maintenance
  • Configuring Role Maintenance
  • Defining System Settings
  • Analyzing Missing Authorizations
  • Transporting Authorizations

8. Integration of Authorization Systems into an Organization's Landscape

  • Creating Users with Central User Administration (CUA)
  • Migrating the CUA into SAP NetWeaver Identity Management (ID Management)
  • Identifying Non-Standard Authorization Concepts in the SAP Business Suite
  • Integrating Authorization Assignments with Organizational Management

9. SAP Systems for Identity Management

  • Identifying Different User Sources
  • Describing SAP NetWeaver Identity Management (ID Management)
  • Planning SAP Governance, Risk, and Compliance (SAP GRC)
  • Describing Compliant Identity Management (CIM)