EN | DE

Home / BASIS / SUIM

SUIM: User Information System

BASIS - SAP Basis

When to use

Audit users roles and authorization objects

Typical beginner mistake

Running broad queries without filters

Business context

Goal: secure and least-privilege system access.

Typical stakeholders: security admin, basis consultant, process owner.

KPIs to watch: critical auth findings, access request lead time, segregation-of-duties conflicts.

Practical example

Audit asks who can release blocked invoices and who can post outgoing payments.

Consultant note: Use SUIM reports to identify users/roles and compare against SoD policy before go-live.

Case walkthrough: issue to resolution

Problem: Audit cannot quickly identify who can release blocked invoices or run payments.

Diagnosis: Run user-to-role and role-to-auth reports for critical transactions and auth objects.

Resolution: Publish recurring access evidence report and close unauthorized assignments with owners.

What to verify before execution

Related T-codes