In emergencies or extraordinary situations, Superuser Privilege Management, a capability of SAP GRC Access Control, enables users to perform activities outside their roles under Superuser-like privileges in a controlled, auditable environment.

A temporary ID is assigned that grants the user privileged, yet regulated, access. This transfer of privileges from one person or role to another is called firefighting. Such a firefighting event might occur, for example, if an employee is injured and another employee has to perform the injured employee’s duties.

Superuser Privilege Management is an ABAP and Web-based capability that tracks, monitors, and logs the activities that are performed by a Superuser with a privileged user ID. Superuser Privilege Management also automates firefighting tasks such as defining firefighter IDs and assigning owners and controllers.

This capability is a back-end systems activity with limited interfacing to Compliant User Provisioning where related reports may be generated. For reports and other information, see the Compliant User Provisioning topics in this application help.