Authorization Concept in Audit Management 
Use
Using authorizations, you can control accesses and activities related to audit components or functions within these components. In audit processing, authorization checks exist for the following components:
Audit Plan
Question List
Audit
Corrective and Preventive Action
Integration
The transaction authorizations for the application transactions and Customizing transactions are managed by Basis functions.
Other authorization checks are processed using the authorization object AUDIT_AUTH.
Features
Changing the Status
Each audit component is subject to
status management. The setting/deleting of user statuses is controlled using the authorization object B_USERSTAT. The setting/deleting of user statuses due to business transaction flows is controlled by the authorization object B_USERST_T.
Authorization Object AUDIT_AUTH
This authorization object includes the following authorization checks within audit processing:
- Partner-dependent accesses to an audit plan, question list, audit, or corrective/preventive action.
- Creation of an audit plan, question list, audit, or corrective/preventive action.
- Display of an audit plan, question list, audit, or corrective/preventive action.
- Changing of an audit plan, question list, audit, or corrective/preventive action.
- Deletion of an audit plan, question list, audit, or corrective/preventive action.
- Release of an audit plan, question list, or audit.
Apart from the authorization checks mentioned above, the system checks, for example, whether or not the user can execute the following functions (BAdI PLM_AUDIT_AUTH_CHECK [activities in audit processing]):
- Assign documents to the audit plan, question list, audit, and corrective/preventive action.
- Assign planned audits to audit plans and assign question lists to audits.
- Release or reset the release of the audit plan, question list, or audit.
- Complete or reset the completion of the audit plan, question list, audit, or corrective/preventive action.
- Lock or unlock the audit plan, question list, or audit.
- Flag the audit plan, question list, or audit for archiving. Archive the audit plan, question list, audit, or corrective/preventive action.
- Set approval requirement for the audit plan, question list, or audit.
- Accept or reject the audit plan, question list, or audit.
- Set or reset the deletion flag for the audit plan, question list, audit, or corrective/preventive action.
- Cancel or reset cancellation of the audit plan or audit.
- Create the audit report
Role-Specific Authorizations
The assignment of authorizations based on roles makes it easier to maintain authorization assignments. When a new business partner XY is created for the role auditor in the audit, a user name can be assigned to this business partner (for example, AUDITOR). The user AUDITOR already exists in the system and the required authorization profile is assigned to this user. The business partner XY can log on to the audit management system using the AUDITOR user and can then process all components:
- That can be processed according to the authorization profile of the user AUDITOR (for example, only audits and corrective/preventive actions).
- To which the user AUDITOR is assigned as a business partner.
Activities
The system performs the authorization checks in the following order:
- Check of the transaction authorization
- Check of the general audit authorization for a general activity (authorization object AUDIT_AUTH)
- Check of the authorization for the execution of particular activities (BAdI PLM_AUDIT_AUTH_CHECK)
- Authorization check based on roles
See also:
Audit Management Overview
Online documentation about the authorization object AUDIT_AUTH
Online documentation about the BAdI PLM_AUDIT_AUTH_CHECK (activities in audit processing)