In this IMG activity, you define the authorization groups for digital signatures.

You can use authorization groups to restrict the authorization to approve batch records as follows:

• You define different authorization groups for users with different areas of responsibility.
• In the user master record, you assign the authorization for the authorization group that corresponds to the user's area of responsibility (authorization object C_SIGN_BGR).
• You define individual signatures that users of a specific authorization group must execute and use them in signature strategies for the batch record.

Authorization groups are not taken into account if only one signature without signature strategy is entered to approve a batch record.

Example

In your company, production and quality assurance must approve batch records. You make the following settings:

• You define authorization groups PROD (production) and QUAL (quality assurance.
• You assign the authorization for group PROD to the head of production and his or her deputy and the authorization for group QUAL to the head of quality control and his or her deputy.
• You define two individual signatures for batch record approval and assign authorization group PROD to the first signature and authorization group QUAL to the second signature.

Requirements

Standard settings

Recommendation

Activities

1. Decide on the different authorization groups or areas of responsibility you require in your company.
2. Define an authorization group for every user group.

Further notes

Authorization groups are valid for all areas that use the digital signature. Before changing authorization groups or using them for your requirements, make sure that there is no clash of interests with other areas.