This solution and it's underlying process encompasses the design and implementation of a central user authorization and management system which meets all demands of the different areas such as easy-to-use online request forms for user rights and roles, a flexible authorization-workflow and an automated assignment in the target systems.
To realize that, the respective authorization roles are consulted directly from the various end systems such as Cartesis Magnitude, Ariba, SAP R/3, SAP BW, SAP Portal, relational databases or proprietary developments. Via intranet, the users are thus able to select and apply for their specific needs directly within user-friendly authorization request forms.
As soon as an application form is completed, the authorization request is forwarded automatically or manually to the dedicated approvers or their substitutes, who are now in a position to grant, deny or comment the requested authorization per mouse-click in the same easy-to-use intranet application. Anyway, the customized workflow remains dynamic and can be adjusted individually according to changing responsibilities and approval steps.
Once all involved steps of the approval workflow have been finalized, a notification will be sent to the user automatically and, if authorization has been granted, the assignment of the rights und roles in the target system will be passed through. Administration and monitoring of the process and system can as well be done easily within the intranet, it offers the possibility to quickly change or react manually if necessary.
Key features of the central user management system:
- easy-to-use intranet application
- automated workflow (incl. reminders)
- connection to numerous end systems
- automatic assignment in the target systems
- easy reporting, monitoring and administration
- active directory connection
|
Central User Administration
|
By centralizing the user administration, authorization and provisioning process in one application the heterogeneous end systems can be treated consistently. The time gap between the authorization request and the final assignment of the rights or roles in the target system can be reduced significantly, overall administration costs of formerly decentralized teams can now be concentrated to only one.
The connection to various applications and end systems is not limited in neither number nor complexity. Through the online use of the original master data and the current rights and roles of the target system, the cost of maintenance can be reduced to a minimum. Within 2004, a productive central user administration system of one of our customers connected to up to 46 target systems and was successfully handling with about 600 dedicated approvers more than 6500 user authorization requests.
Userdata-Entry
|
Module-Selection
|
Authorization-Selection
|
Administration
|
|