Home TORC: The OneRoleConcept TORC and IdM SAP HCM Security SAP HCM Solutions About KNUZEN Contact Information
TORC: The OneRoleConcept benefits with IdM Flexibility Simplicity Transparency
Flexibility:  Works with existing security concepts and is designed with focus on IdM. Simplicity: Simple solution with a minimum of roles. Transparency: Roles can be recognised across systems. TORC will reduce the amount of roles = More transparency of security. TORC: gives you one business role described by one global SAP role = Simplicity. TORC: Aligns the roles across HR used systems, which gives overview of security.       The OneRoleConcept is giving you: Easy access to control user account’s for specific business roles. Easy trace of users with access to specific transactions and why the have this. Easy audit of users and their assigned authorizations. Deliveries in TORC solution: Authorization Concept which is scalable and flexible. You choose if TORC should be used for all HCM business roles or only for segments of your business roles. The remaining business roles can continue to be in operation side by side with TORC. Tools for automatic assignment and removal of roles = no hands on = reduced IT workload in operation and reduced amount of issues. TORC gives you the option to hand the business control of maintaining standard changes  = reduced IT workload = reduced operational costs. •     TORC gives full Overview of access rights in HR related systems so you. •     TORC has no impact on the SAP licensing pr user, but helps you identifying the professional users since we operate with a limited number of roles. IdM Assignment and building of roles. The OneRoleConcept is flexible and scalable and can be implemented for single business roles or for the entire HCM portfolio of roles. You will together with the business select the security method, which is best fit for each business role and then decide to use TORC or existing concept. The OneRoleConcept works together with principles such as Master/Derived, Organisational/ Functional roles and Single roles. The reduced number of roles, which is characteristic for TORC is optimal for IdM processes. The assignment of roles can be optimised with TORC since it segregate the content/ (Who and where you have access) from the functional part / (What you can) Since TORC is an intelligent based access right concept it will based on the users attributes grant access. It follows the ABAC principles. Attribute based access rights. A user will as thump of rule have one role assigned according to his/ here position, but it does not restrict the business from assigned a user several business roles such as a both manager and HR partner role. With Functional roles transaction codes will only exist in one role It is easy for the business to find the right role It is easy for auditors to trace transactions and to identify why users is assign this access. Automatic assignment and delimitation of roles to users can be based on attributes from the employees organizational assignment.  These assignments will determine the role assignment 100% automatic without any request or IT involment. When we use attribute based assignment the role will be automatically assigned when the employee enters the organization and the role will be removed when the employee is leaving the department so a clean up of role assignment is not necessary. there is also the option for enhancing the role assignment with an ABAC rule set where we assign the roles to a user in case the user fullfills teh criterias for being assigned the role. see also page on this site which describes IdM
TORC and IdM
1: home
2: knuzen_curriculum_vitae
3: The SAP HCM Authorization concept: The OneRoleConcept
4: RCAT: The RootCauseAnalysisTools related to the OneRoleConcept
5: contact.htm
7: Business Control with OneRoleConcept
8: The Details of the OneRoleConcept
10: The OneRoleConcept Business benefits
11: SAP HCM transit position in Om as DMZ for transfer activity
12: SAP HR structural authorization for multiple parts of the organisation.
13: LSO and PD Catalogue control
14: Knuzen Substitute/ Deputy solution for line managers
15: Enterprice, personnel and organisational structures in SAP HCM
16: sap_enterprise_structures_revisited
17: Clean up SAP Organisational Management
18: Consistency check of SAP OM and PD tables
19: SAP HCM combined with personnel development functionality
20: Optimize the System Performance with indexing structural authorizations: RHBAUS00
21: Identity management with the use of SAP HCM attributes
22: organizational_key_vdsk1
23: master_derived_composite_sap_roles.htm
24: Standard tools for identifying SAP HCM authorization issues
25: Enhance the layout of PPOME and PPOSE the organisational structure
26: Enhance the existing PD model and use it for personnel development
27: To be structural restricted or not to be... thats the question
28: Automate your SAP solution and avoid errors and business break downs
29: SAP HCM Authorizations and performance
30: design_support_organisations_1.htm
31: design_support_organisation_2.htm
32: design_support_organisation_3.htm
33: Upload Documents on your employees
34: Upload Documents on your employees
35: Upload Documents on your employees
36: The role assignment can be used for compliance check and license control.
37: Upload Documents on your employees
38: Upload Documents on your employees
39: Upload Documents on your employees
40: Upload Documents on your employees
41: Data Model for E-ercruiting and Tips & Tricks
42: Upload Documents on your employees
43: Upload Documents on your employees