The JAMToolkit Transaction Usage feature provides detailed analysis of user transaction executions and can assist with periodic access reviews and access redesign.
SAP end-users can accumulate access over long periods of time when moving to and from positions and changing SAP responsibilities. This can often lead to redundant access being retained by end-users, causing potential issues with controlling transactional data (by business process and user roles and responsibilities) and segregation of duties (applying unnecessary compensating controls). Furthermore, implementing a new role design is a daunting task, as mapping the required access is fraught with risk and often requires time and effort from the business.
The JAMToolkit has the ability to capture and store end-user transaction usage. This data and subsequent analysis can be used to support periodic access reviews to ensure that access is aligned to users roles and responsibilities. This data can also be used to support the implementation of a new role design by understanding the transactions frequently used by an end-user and therefore allows the mapping and provisioning of the access that is needed.
This article will explain the analysis that can be performed with the Transaction Usage feature alongside other JAMToolkit applications such as User Sync, User Mapping and Access Design. There are short demonstration videos and interactive dashboards for illustration.
The Transaction Usage feature of the JAMToolkit is complemented by User Synchronisation, bringing together the access design, (Jobs, Roles, Operating Models), the live user assignments (User Sync) and the transaction usage. This combination of data can be analysed through JAMToolkit reports to support periodic access reviews; identifying redundant access for proposed removal. The Remote User Management feature can also be used to apply these removals quickly and easily in the absence of peripheral user management systems such as GRC, IdM or CUA.
The JAMToolkit is a central repository for access design, allowing customers to upload their existing access design or prepare a new design through the JAMTEC templates (S/4 HANA or ECC Task-Based designs). Transaction Usage can be leveraged to identify the transactions used by the business and scope the business access requirement across multiple systems. The JAMToolkit allows for business processes to be referenced against Roles and Jobs providing validation and additional confidence in the overall design.
Transaction Usage can support the User Mapping of a new redesign without full reliance of business intervention, saving time, cost and reduces risk. User mapping can be captured, checked and provisioned all through the JAMToolkit and will support the roll-out of the new role design. Access design has always required a huge effort from business users and functional consultants. However, with these tools, the access design team can prepare an initial design template based on actual usage making the process more efficient and less reliant on the business.
Transaction Usage is an integral part of the JAMToolkit License Management feature. Understanding transaction usage allows for the correct license type to be assigned to each of your end-users and ensures that your business is operating within the limits of your SAP license agreement. Potential license cost saving may be achieved through this easy to manage series of tools.
This short video shows the easy to run Transaction Usage Extractor followed by the Usage and the Compare Reports.
The Usage Analysis dashboard is fully interactive, allowing drill-down into the data by clicking on the map and bar graphs. Right click to Page 2 to see the data behind the dashboard. Reset the data to return to the original dashboard display. Dashboards can be fully customised to suit your requirements.
The Usage Analysis dashboard illustrates 189 end-users who have been synchronised from a fictional ECC business operational model which includes three entities.