The profile SAP_NEW includes the authorizations for objects to be checked new for existing functions or business processes. This is to ensure compatibility with later releases.
For functions that were not subject to any authorization checks previously, all users were authorized irrespective of their user profiles. If all users have the profile SAP_NEW in their master record, they still have the authorization for the previously unprotected functions after an upgrade. The super user or operator can then decide after the upgrade who should keep the authorizations concerned. These users are assigned the new authorizations in their standard profile. Afterwards the operator or administrator will remove the individual profiles SAP_NEW_<rel> from the collective profile SAP_NEW.
For each release SAP_NEW contains a single profile SAP_NEW_<rel>, e.g., SAP_MEW_21D. This is intended to document the new authorizations for each upgrade and support upgrades that skip versions. For example, when a customer upgrades from 2.1B to 2.1D, they know that they have to look at all the authorizations (and objects) listed in the profiles SAP_NEW_21C and SAP_NEW_21D.
The authorizations collected in SAP_NEW relate to the complete SAP System including the Basis System.