{"id":6331,"date":"2022-12-19T08:34:41","date_gmt":"2022-12-19T06:34:41","guid":{"rendered":"http:\/\/inprosec.com\/authorizations-in-sap-erp-hcm\/"},"modified":"2025-07-14T17:13:13","modified_gmt":"2025-07-14T15:13:13","slug":"authorizations-in-sap-erp-hcm","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/","title":{"rendered":"Authorizations in SAP ERP HCM"},"content":{"rendered":"<p><b>SAP Human Capital Management<\/b><span style=\"font-weight: 400;\"> is well suited for dealing with authorizations, because the Human Resources (HR) department has a highly distinct perception of authorizations. From the data protection point of view, the data saved here is particularly critical, because it concerns the employee\u00b4s privacy, which must be protected at all costs.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">SAP HCM (Human Capital Management) System separate the information in five different sub-modules:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8454\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/1.jpg\" alt=\"\" width=\"495\" height=\"495\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/1.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/1-300x300.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/1-150x150.jpg 150w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/1-600x600.jpg 600w\" sizes=\"(max-width: 495px) 100vw, 495px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">When we talk about authorizations, as in the rest of SAP systems, the key is the Segregation of Duties. <\/span><b>SAP GRC offers a standard risk matrix with 21 segregation of duties risks (SoD) specific to the HCM module<\/b><span style=\"font-weight: 400;\">. If you want to know more details about SoD Risk Matrix for SAP GRC, we recommend reading <a href=\"https:\/\/inprosec.es\/sod-risk-matrix-for-sap-grc\/\" target=\"_blank\" rel=\"noopener\">our related article<\/a>.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In order to have the minimum risks of SoD in our HCM system it will be important that we analyze the two main ways to set up authorizations HCM system:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">General authorizations<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">HR specific structural authorizations<\/span><\/li>\n<\/ul>\n<h2><b>General authorizations<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In this section we will define as based on the same authorization methodology as for the ECC systems in SAP. This option is based in Authorization Objects which defined the authorization fields<\/span> <span style=\"font-weight: 400;\">to be checked during the transaction execution. You can use the Role Maintenance transaction (PFCG) to create authorization profiles and assign it to the users. These profiles can be made up of transactions through the \u201cmenu\u201d tab and\/or by authorizations objects through the \u201cauthorizations\u201d tab.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Now we will list the most important objects in the HCM system to perform an appropriate restriction of authorizations:<\/span><\/p>\n<ul>\n<li><b>P_ORGIN<\/b><span style=\"font-weight: 400;\">: HR Master Data, that is used to provides the user with the necessary authorizations to access the specific personnel data they need:<\/span><\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8456\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/2.jpg\" alt=\"\" width=\"498\" height=\"311\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/2.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/2-300x188.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/2-600x375.jpg 600w\" sizes=\"(max-width: 498px) 100vw, 498px\" \/><\/p>\n<ul>\n<li><b>P_ORGXX<\/b><span style=\"font-weight: 400;\">: HR Extended Check, that is used to check authorization for personal data (HR infotypes):<\/span><\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8458\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/3.jpg\" alt=\"\" width=\"499\" height=\"312\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/3.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/3-300x188.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/3-600x375.jpg 600w\" sizes=\"(max-width: 499px) 100vw, 499px\" \/><\/p>\n<ul>\n<li><b>P_PERNR<\/b><span style=\"font-weight: 400;\">: HR Personnel Number Check, that is used to assign users different authorizations for accessing their own personnel number:<\/span><\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8460\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/4.jpg\" alt=\"\" width=\"499\" height=\"195\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/4.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/4-300x117.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/4-600x234.jpg 600w\" sizes=\"(max-width: 499px) 100vw, 499px\" \/><\/p>\n<p style=\"padding-left: 40px;\"><span style=\"font-weight: 400;\">As you can see, these three objects have two fields in common:\u00a0<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>INFTY<\/b><span style=\"font-weight: 400;\"> which is a unique term to the SAP HCM module to group related data fields used to store employee data.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>AUTH<\/b><span style=\"font-weight: 400;\"> through which you can restrict access to:<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8462\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/5.jpg\" alt=\"\" width=\"400\" height=\"400\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/5.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/5-300x300.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/5-150x150.jpg 150w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/5-600x600.jpg 600w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">If you want to check additional fields of Infotype, for example, cost center or personnel subarea, you can use the <\/span><b>P_NNNNN<\/b><span style=\"font-weight: 400;\"> authorization object. This object should be created by yourself and equip it with all fields of Infotype and customer specific additional fields.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Regarding with tables it is important to remark the authorization object <\/span><b>S_TABU_LIN<\/b><span style=\"font-weight: 400;\"> (Authorization for Organizational Unit). This object complements the authorization objects S_TABU_NAM, S_TABU_DIS and S_TABU_CLI. As you know, S_TABU_NAM works at the level of restrict access to viewing or modifying a specific system table. But the S_TABU_LIN controls access to individual table rows. Therefore, the existence of organizational criteria is a prerequisite for the use of this authorization object.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The HCM tables functionality can be identified by the following suffixes:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PA*- PA Infotype Tables<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PCL* &#8211; HR Clusters<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PB* &#8211; Recruitment Tables<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Furthermore, it is important to indicate that <\/span><b>when we decided to restrict HCM authorization role model through &#8220;general authorizations&#8221; it is recommendable to combine a master-derived role model with Enabler Roles<\/b><span style=\"font-weight: 400;\">. These roles only have authorization objects, not transactions. This will make the model management more efficient.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Enabler Roles are necessary since the fields that we want to restrict the authorizations (as we have seen in the previous objects like Infotype and Personnel Area) are not consider organizational value so you will need to have in one hand the roles with the transactions and objects derived by the corresponding organizational values \u200b\u200b(company code, plant, sales order &#8230; ..) and in the other hand, enabler roles with only the specifics HCM objects that give you specific access to the different Infotype and Personnel area.<\/span><\/p>\n<h2><b>Structural Authorizations<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In addition to the general authorization check, which are based on authorization objects, you can define additional authorizations by hierarchical structures.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The technical separation of general and structural authorizations profiles can cause context problems for users who perform different roles in a company. For example, if the same person performs the Payroll Manager activity for which you need access to some infotypes and is the manager of a team that should be allowed to other different infotypes:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8464\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/6.jpg\" alt=\"\" width=\"502\" height=\"314\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/6.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/6-300x188.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/6-600x375.jpg 600w\" sizes=\"(max-width: 502px) 100vw, 502px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">The result of giving this person the authorizations he requires for the two positions through the model explained in the previous section (General authorizations) will mean that the user will have additional access to Manager Team 2 in Infotypes 0008-0015 and Payroll Manager the Infotypes 0000-0007 by combination of authorizations:<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-8466\" src=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/7.jpg\" alt=\"\" width=\"499\" height=\"195\" srcset=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/7.jpg 640w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/7-300x117.jpg 300w, https:\/\/www.inprosec.com\/wp-content\/uploads\/2021\/11\/7-600x234.jpg 600w\" sizes=\"(max-width: 499px) 100vw, 499px\" \/><\/p>\n<p><span style=\"font-weight: 400;\">This can be avoided separating the general and structural authorizations concepts.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It is important to highlight that to enable the use of structural profiles it is a prerequisite to activate the ORGPD check through the <\/span><b>OOAC<\/b><span style=\"font-weight: 400;\"> transaction.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Structural profiles are assigned in a different way to general authorization profiles (PFCG Transaction). To assign structural profiles, you use a specific transaction called Authorization Profiles (<\/span><b>OOSP<\/b><span style=\"font-weight: 400;\">). Through this transaction profiles are initially created independently of the users and then assigned to them by User Authorizations Transaction (<\/span><b>OOSB<\/b><span style=\"font-weight: 400;\">) instead of SU01 as general authorizations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In relation to the SAP Tables, this information related with structural profiles authorizations can be found in the following tables:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>T77PR<\/b><span style=\"font-weight: 400;\"> &#8211; Definition of Authorization Profiles Data<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>T77UA<\/b><span style=\"font-weight: 400;\"> &#8211; Assignment of Profiles to Users<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">On the other hand, the following tables allow you to restrict access to tables through organizational rules:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>ORGCRIT<\/b><span style=\"font-weight: 400;\"> &#8211; Store Organization criteria data<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>V_ORGCRACT \u2013 <\/b><span style=\"font-weight: 400;\">Organizational Criteria Activation<\/span><\/li>\n<\/ul>\n<p><b>Key Points to Take Home:<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">HCM system is having employee\u00b4s privacy information which must be protected.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Restricting authorizations in an HCM system should be handled differently than in an SAP ECC system.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Each company should evaluate its situation and know in which cases the general or structural authorization model should be used.<\/span><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>SAP Human Capital Management is well suited for dealing with authorizations, because the Human Resources (HR) department has a highly distinct perception of authorizations. From the data protection point of view, the data saved here is particularly critical, because it concerns the employee\u00b4s privacy, which must be protected at all costs. SAP HCM (Human Capital&#8230;<\/p>\n","protected":false},"author":6,"featured_media":5687,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[60,61,52],"tags":[151,153],"class_list":["post-6331","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sap-grc-en","category-sap-security-en-2","category-technical-article","tag-sap-grc-en","tag-sap-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Authorizations in SAP ERP HCM - Inprosec<\/title>\n<meta name=\"description\" content=\"The article explains the importance of protecting employee privacy in the human resources area, since the data in this area is especially critical. This topic will be used to explain the importance of authorizations within a company.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Authorizations in SAP ERP HCM\" \/>\n<meta property=\"og:description\" content=\"The article explains the importance of protecting employee privacy in the human resources area, since the data in this area is especially critical. This topic will be used to explain the importance of authorizations within a company.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-19T06:34:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-14T15:13:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/03\/authorizations-in-HCM.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1536\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"Authorizations in SAP ERP HCM\",\"datePublished\":\"2022-12-19T06:34:41+00:00\",\"dateModified\":\"2025-07-14T15:13:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/\"},\"wordCount\":981,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/authorizations-in-HCM.jpg\",\"keywords\":[\"SAP GRC\",\"SAP Security\"],\"articleSection\":[\"SAP GRC\",\"SAP Security\",\"Technical Article\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/\",\"name\":\"Authorizations in SAP ERP HCM - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/authorizations-in-HCM.jpg\",\"datePublished\":\"2022-12-19T06:34:41+00:00\",\"dateModified\":\"2025-07-14T15:13:13+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"description\":\"The article explains the importance of protecting employee privacy in the human resources area, since the data in this area is especially critical. This topic will be used to explain the importance of authorizations within a company.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/authorizations-in-HCM.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/authorizations-in-HCM.jpg\",\"width\":1536,\"height\":768},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/authorizations-in-sap-erp-hcm\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Authorizations in SAP ERP HCM\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Authorizations in SAP ERP HCM - Inprosec","description":"The article explains the importance of protecting employee privacy in the human resources area, since the data in this area is especially critical. This topic will be used to explain the importance of authorizations within a company.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/","og_locale":"en_US","og_type":"article","og_title":"Authorizations in SAP ERP HCM","og_description":"The article explains the importance of protecting employee privacy in the human resources area, since the data in this area is especially critical. This topic will be used to explain the importance of authorizations within a company.","og_url":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/","og_site_name":"Inprosec","article_published_time":"2022-12-19T06:34:41+00:00","article_modified_time":"2025-07-14T15:13:13+00:00","og_image":[{"width":1536,"height":768,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/03\/authorizations-in-HCM.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"Authorizations in SAP ERP HCM","datePublished":"2022-12-19T06:34:41+00:00","dateModified":"2025-07-14T15:13:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/"},"wordCount":981,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/03\/authorizations-in-HCM.jpg","keywords":["SAP GRC","SAP Security"],"articleSection":["SAP GRC","SAP Security","Technical Article"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/","url":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/","name":"Authorizations in SAP ERP HCM - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/03\/authorizations-in-HCM.jpg","datePublished":"2022-12-19T06:34:41+00:00","dateModified":"2025-07-14T15:13:13+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"description":"The article explains the importance of protecting employee privacy in the human resources area, since the data in this area is especially critical. This topic will be used to explain the importance of authorizations within a company.","breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/03\/authorizations-in-HCM.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2022\/03\/authorizations-in-HCM.jpg","width":1536,"height":768},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/authorizations-in-sap-erp-hcm\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"Authorizations in SAP ERP HCM"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/6331","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=6331"}],"version-history":[{"count":6,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/6331\/revisions"}],"predecessor-version":[{"id":13440,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/6331\/revisions\/13440"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/5687"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=6331"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=6331"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=6331"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}