Xpandion Blog


How SAP Authorizations and 6-Year Olds are Related


It’s the holidays and the kids are home.


It’s really great to be with them. After many jam-packed school and work-filled months, we finally get the opportunity to spend some precious time together. And more time together. …And more time together. And I start noticing things, like the similarity between the situation at home and processes at work…

Take for example the whining about the iPad and compare it to a standard process for granting SAP authorizations. It goes like this:

“Mom, I want to play with the iPad.”

“No, you don’t need it, you’ll break it.”

“But mooommm” in a whiny voice, “I really want it, want it, want it!”

“Well…. Let’s see what dad thinks.” “Honey, can we let Johnny use the iPad?”

“Yes, but please ask him to be careful… and don’t let him use email!”

“OK, Johnny, here’s the iPad. But be very careful. It’s dad’s, and he said not to use email.”

– An hour later –



“Can I have the iPhone?”

“But you had the iPad, and after 10 minutes you went to watch TV.”

“Yes, but now I want to use the iPhone. Pleaaassseee can I have the iPhone? Pleaaaaasssseeee….”

Compare the above with this:

“Tom, I need an authorization to view invoices.”

“But you have one already.”

“Yeah, but it’s not the one that Sheila is using. Hers has more features.”

“No, it’s the same functionality.”

“But, I still really need it.”

“Well, if your manager approves it, we can grant it to you, but only for company code 1000.”

– A month later –

“Tom, I need an authorization to view invoices, like George.”

“We gave you one last month and you didn’t use it.” 

“Yes, but this time it’s different. George has a better transaction for invoices in the portal. It does more, and I want it too.”

Hmmm… Very interesting. Does this work situation sound familiar?

– Back on the home front a couple of days later –

Your wife asks you, “Honey, did you notice how many apps Johnny’s put on the iPad? I want you to check them and see what’s OK for his age.”

…and while you’re going about this task, you can’t fight the idea that what you’re really doing is conducting an authorization review process…


Can you see more similarities?

Here’s to a great 2014!

Moshe Panzer and

The Xpandion Team

Xpandion is the leading provider of ERP usage inspection solutions, delivering unprecedented real-time visibility into management systems, significantly improving security, optimizing licensing usage and enabling GRC/SOX compliance. Contact us now.

Moshe Panzer is the founder and CEO of Xpandion. He has over 18 years' experience as a recognized SAP expert, having worked as a senior SAP & ERP consultant, project advisor, project leader and development manager for large private corporations worldwide. You can read more about Moshe on Xpandion's Management page.


  • Guest
    Tracy Levine 21/02/2014

    One of the best and most accurate portrayals I've read in a long time. Well done.

  • Guest
    MS 16/04/2014

    Very nicely done. A layman should be able to understand this. Good job.
