This tip was submitted to the searchSecurity Tip Exchange by user Jeanette Ford. Let other users know how useful it is by rating the tip below.
To determine who has critical authorizations in your system, run standard sap report RSUSR005. (Note: 136856 should be applied to ensure accurate results.) This is a great audit report which will tell you what access users have and highlghts in red or yellow anything that might be an issue.
Here is an example:
Administration: Release background jobs
Administration: Start background jobs with each user
Administration: Network, processes, update task administration...
Administration: Logical operating system commands
Administration: Operations on secured spool requests
Administration: Print on all printers allowed
Dig deeper on Enterprise User Provisioning Tools