When we talk about security in SAP Human Resource Management System ( SAP HR Security ), we talk about securing some very critical information which range from personal data of an employee (e.g. Address, SSN, Salary etc) to some internal information of the organization like department, vacancy, position, job etc.
Hence, unlike any other non-HR module where transaction code/authorization object level security (along with necessary SU24 changes) is to some extent enough to provide security, SAP HR Security requires to go further deep into data level security.
Some of the examples of critical data that need to be secured are:
- Personal Data
- HR configuration data
- Time sheets
- Bank details
- Expense Details
As we have seen in the above example, there are various “types of” sensitive information in an organization which need to be secured. If a person is given access to any particular “type” of information, the point to be taken into account is whether he is the right person for that access and to what level should he get that access. For example – An employee can have access to display his salary but not to change it.
Data structure which stores HR related data is called Infotype. We will discuss about this in details. We will also discuss General Authorization and Structural Authorization Concepts.