Assigning authorizations to users is one of the most complex tasks in SAP. I had explained how authorizations work in SAP in one of my earlier posts. But, in a new SAP installation, when authorizations are to be created for the first time, how does one proceed. How does one implement authorizations in SAP R/3? In a recent chat with one of my colleagues who is an expert in SAP authorizations , he shed light on implementing authorizations in SAP. His approach was a step by step approach. The steps as mentioned by him were as follows.

1. The first step is to define the organizational roles. Organizational roles act as the basic building block of SAP authorizations.
2. Once organizational roles are defined, SAP R/3 functions associated with each function need to be identified.
3. Once R/3 functions are identified, the authorizations which are required for each functions need to be identified.
4. The identified authorizations and profiles for each function need to be designed and created in the development system, then migrated to the quality server or system for QA and regression testing. Finally, the authorizations are to be transferred to the production environment.
5. After all the above steps are complete, the authorizations need to be assigned to user master records.

More on SAP >>

>> Common SAP Master Data Mistakes
>> Defining Valuation Areas in SAP
>> Assigning Sales Area to Sales Documents
>> Defining Account Groups OBD2