Identity Management for Audit Management

The user and authorization management functions from SAP NetWeaver Identity Management enable you to make functions of audit management available to users automatically. By assigning a corresponding business role in SAP NetWeaver Identity Management to an appropriate single role that you use in your company, you can control which functions can be accessed by a user.

We deliver the single role auditor (SAP_PLM_AUDITOR) for this. As a result, a user to whom this single role is assigned has authorizations for transactions Audit Management and Audit Monitor, as soon as the user and authorization distribution has been completed.

The SAP NetWeaver Identity Management system can transfer auditor-related data to an SAP NetWeaver system.

The following prerequisites must be met for you to be able to use this function:

• You are using the SAP NetWeaver Identity Management 7.1 product.

• If you use SAP ERP HCM and want to distribute employee-related data by Application Link Enabling (ALE), you have in addition installed SAP Enhancement Package 4 for SAP ERP 6.0 and connected it to SAP NetWeaver Identity Management 7.1.

Two cases need to be distinguished when you create auditor-related data:

• If you are using SAP ERP HCM and distribute employee-related data to the Audit Management system using Application Link Enabling (ALE), the business partner type EMPLOYEE is assigned to the user.

• If you are not using SAP ERP HCM, the user is created as well as a business partner of the type EMPLOYEE and this business partner is assigned to the user.

The function uses BAdI implementation BADI_IDM_PLM_AUDITOR of Business Add-In (BAdI) BADI_EXTEND_IDENTITY.