In addition to classic Microsoft applications, SAP is an integral part of modern software landscapes. SAP offers solutions for HR, ERP and CRM activities. The question of access to customer and employee data as well as critical company knowledge arises in all areas.
In SAP, transaction codes control the executability of actions. Many of them are security-critical. The question of who can retrieve which transaction codes is very difficult to answer with SAP on-board tools. SAP administrators have immense difficulties in understanding how the authorization situation comes about. This is often due to difficult to understand multiple authorizations and nested roles.
It is not uncommon for SAP to function as the leading system in a company alongside Active Directory. Administrators then have difficulties finding out which SAP user corresponds to which AD user.
ARM version 9.1 and higher enables you to search for security-critical transaction codes. ARM also identifies the authorization paths. This enables you to recognize multiple authorizations. With the ARM Graph, you can visualize nested roles and create clarity as the basis for creating a sustainable authorization concept. Would you like to know which AD user has assigned which SAP account? One click is enough and you have the information.
ARM enables a previously unattainable in-depth permission analysis. ARM does not require any configuration of the target system.
SAP main features