Show TOC

Component documentationSuperuser Privilege Management Locate this document in the navigation structure

 

In emergencies or extraordinary situations, Superuser Privilege Management, a capability of SAP GRC Access Control, enables users to perform activities outside their roles under Superuser-like privileges in a controlled, auditable environment.

A temporary ID is assigned that grants the user privileged, yet regulated, access. This transfer of privileges from one person or role to another is called firefighting. Such a firefighting event might occur, for example, if an employee is injured and another employee has to perform the injured employee’s duties.

Superuser Privilege Management is an ABAP and Web-based capability that tracks, monitors, and logs the activities that are performed by a Superuser with a privileged user ID. Superuser Privilege Management also automates firefighting tasks such as defining firefighter IDs and assigning owners and controllers.

This capability is a back-end systems activity with limited interfacing to Compliant User Provisioning where related reports may be generated. For reports and other information, see the Compliant User Provisioning topics in this application help.

Implementation Considerations

For information about installing Superuser Privilege Management, see the following systems and installation notes. The guides for each system are available for download on SAP Service Marketplace at http://service.sap.com/instguides -> SAP Solution Extensions -> SAP Solutions for GRC.

Installation Systems and Notes

SAP System

SAP System Type

SAP Note Number

4.6C

ABAP

1133161

620

ABAP

1133163

640

JAVA

1133165

700

JAVA

1133167