In this step, you define the authorization groups for

• Material-related activities in QM
• Master data in QM

You only need to process this step if you want to use the following authorization objects:

• Material authorization
• Master data authorization

If you use the material authorization you can also do the following:

• Stipulate an approval procedure for inspection lots
• Request digital signatures (electronic signatures).
• When drawing physical samples
• When recording inspection results
• When the usage decision is made

Recommendation

Using authorization groups requires a certain amount of organization. You must maintain authorization groups in the master data and issue appropriate authorizations to users. Use the authorization objects with due care.

Activities

1. Decide whether you really want to use the authorization groups. If required, define suitable:
• Material groups
• Master data groups

  Define the keys for the authorization groups.

2. Maintain the necessary authorizations and profiles for the user master records for those users who are to have authorization.
3. Maintain the authorization groups in the relevant master data.
4. Determine whether you need approval procedures for inspection lots, and if required, define the inspection lot creation procedure for each material group.
5. Determine whether you need digital signatures. You can request a digital signature in the following circumstances:
• When you draw physical samples
• During results recording
• At the usage decision

  Make the technical and organizational arrangements for this, as required.

1. Specify a signature method for the circumstances in which a digital signature is required.
2. Make sure that you make the required basic settings.
3. Make sure that the user master records for the persons authorized to give digital signatures are properly maintained.

Further notes

Approval of Task Lists and Inspection Lots

In certain branches of the process industry (for example, the pharmaceutical industry), Good Manufacturing Practice (GMP) requires that certain master data and master data changes must be subjected to an approval procedure. Work orders can only be executed if they are controlled or explicitly approved using released master data. In the QM component these are:

• The inspection plan (as a controlling master data object)
  To subject the inspection plan to an approval procedure, define a change rule and change type in the inspection plan header.
• The inspection lot (in the context of a work order)
  To subject the inspection lot to an approval procedure, define an identification in the material authorization group for the inspection lot approval.

Digital Signature

Mainly in the pharmaceutical sector but also in other sectors, the rules of Good Manufacturing Practice (GMP) require that certain operations only be implemented, monitored, or approved by authorized users. In the QM component these are:

• Confirming the physical-sample drawing
• Saving characteristic inspection results
• Saving a usage decision

The digital signature can be used as a technical tool for this. Authorized users can, for example, enter individual identification cards containing their user ID and password using a microchip card reader. Authorized users must enter a password if they want to save data. The system then checks whether this data matches the data from the user's master record before it saves the data in the database.

Recommendation

If you use a user signature with an external security product as a signature method, you should always work with a verification in the productive system. For signatures that do not have a verification, the validity of the user certificate is not checked. You should therefore only use this signature method for test purposes.

Further information

SAP Library for SAP ERP Central Component under Logistics -> Quality Management -> Quality Inspection -> Results Recording -> Processing of Inspection Results -> Digital Signature in QM