Installation Guide | PUBLIC

2024-06-26

Sizing Guide for Access Control 12.0

© 2024 SAP SE or an SAP affiliate company. All rights reserved.

THE BEST RUN

Content

1 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1 Functions of SAP Access Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2 Architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4

2 Sizing Fundamentals and Terminology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

3 Initial Sizing for SAP Access Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

3.1 Assumptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.2 Factors that Influence Performance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.3 Sizing Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.4 Sizing Guideline. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
User Synchronization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

Sizing Guide for Access Control 12.0

2 PUBLIC Content
1 Introduction

SAP Access Control 12.0 (Access Control) delivers a comprehensive, cross-enterprise set of access controls
that enables corporate compliance stakeholders -- including business managers, auditors, and IT security
managers -to collaboratively define and oversee proper Segregation of Duties (SoD) enforcement, enterprise
role management, compliant provisioning, and super-user privilege management. SAP Access Control
addresses a complete range of control risks.

SAP NetWeaver also helps organizations align IT with their business. With SAP NetWeaver, organizations can
compose and enhance business applications rapidly using enterprise services. As the foundation for enterprise
service-oriented architecture (enterprise SOA), SAP NetWeaver allows organizations to evolve their current IT
landscapes into a strategic environment that drives business change.

This guide provides guidelines and rules for sizing SAP Access Control in your environment. Sizing is the
process of translating business requirements into the hardware requirements (such as physical memory, CPU
processing power, and network capacity). The guide describes the steps of this process and explains the
factors that influence performance and hardware requirements. the steps of this process and explains the
factors that influence performance and hardware requirements.

1.1 Functions of SAP Access Control

SAP Access Control provides several features including access risk analysis, business role management,
emergency access management, and access request management, among others. Access Control offers the
following capabilities:

Risk Detection

SAP Access Control detects access and authorization risks across SAP and third-party applications, providing
protection against a range of potential risk sources including segregation of duties and transaction monitoring.

Risk Remediation and Mitigation

SAP Access Control enables fast, efficient remediation and mitigation of access and authorization risks by
automating workflows and enabling collaboration among business and technical users.

Reporting

SAP Access Control delivers the comprehensive reports and role-based dashboards businesses need to
monitor the performance of compliance initiatives and to take action as needed.

Risk Prevention

After access and authorization risks have been remediated, Access Control prevents new risks from entering
a production system. By empowering business users to check for risks in real time and automating user
administration, Access Control makes risk prevention a continuous, proactive process.

Sizing Guide for Access Control 12.0

Introduction PUBLIC 3
1.2 Architecture

Access Control is an add-on (software component GRCFND_A) to SAP NetWeaver 7.52 (ABAP) that allows you
to use all databases and operating systems supported by the SAP Web Application Server. Figure 1 illustrates
the architecture.

Furthermore, GRC Plug-In Adapters are required for standard integration of SAP/third-party systems and SAP
Access Control.

 Note

Additional extensions (not considered in this initial sizing) are also available, including Identity
Management Solutions integration, LDAP user repositories integration, third-party systems provisioning,
and SAP NW Enterprise Portal provisioning integration, among others.

Sizing Guide for Access Control 12.0

4 PUBLIC Introduction
2 Sizing Fundamentals and Terminology

SAP provides general sizing information at SAP Sizing (https://www.sap.com/about/benchmark/sizing.html).

For this guide, we assume that you are familiar with sizing fundamentals.

This section explains important sizing terms, as these terms are used extensively in this document.

Sizing

Sizing means determining the hardware requirements of an SAP application, such as network bandwidth,
physical memory, CPU processing power, and I/O capacity. The size of the hardware and database is
influenced by both business aspects and technological aspects. This means that the number of users using the
various application components and the data load they put on the server must be taken into account.

Benchmarking

Sizing information can be determined using SAP Standard Application Benchmarks (www.sap.com/
benchmark). Released for technology partners, benchmarks provide basic sizing recommendations to
customers by placing a substantial load upon a system during the testing of new hardware, system software
components, and relational database management systems (RDBMS). All performance data relevant to the
system, user, and business applications are monitored during a benchmark run and can be used to compare
platforms.

SAPS

The SAP Application Performance Standard (SAPS) is a hardware-independent unit that describes the
performance of a system configuration in the SAP environment. It is derived from the Sales and Distribution
(SD) Benchmark, where 100 SAPS is defined as the computing power to handle 2,000 fully business processed
order line items per hour. (For more information about SAPS, see www.sap.com/benchmark → Measuring in
SAPS).

Tips for Calculating SAPS

You need to identify which tasks run in parallel and which tasks run in sequential order to calculate SAPs
correctly.

 Note

• If tasks are done at the same time (parallel), then add the SAPS for all parallel tasks to get a total SAPS
number.
• If tasks are done sequentially (one after another) then do not add them together.

Example

Synchronization and Batch User Risk Analysis tasks run in sequential order.

Synchronization with 10.000 users = 5000 SAPS o Batch User Risk Analysis with 10.000 users = 20,000 SAPS
o Therefore, you would need 20,000 SAPS (not 25,000 SAPS).

Sizing Guide for Access Control 12.0

Sizing Fundamentals and Terminology PUBLIC 5
Example

Initial Sizing

Initial sizing refers to the sizing approach that provides statements about platform-independent requirements
of the hardware resources necessary for representative, standard delivery SAP applications. The initial sizing
guidelines assume optimal system parameter settings, standard business scenarios, and so on.

Expert Sizing

Expert Sizing refers to a sizing exercise where customer data is analyzed and used to provide more detail for
the sizing result. The main objective is to determine the resource consumption of customized content and
applications (not SAP standard delivery) by comprehensive measurements. At SAP, expert sizing is typically
covered by Consulting or Support. For more information, see support.sap.com.

Configuration and System Landscaping

Hardware resource and system configuration depend on the requirements of the customer-specific project.
This includes the implementation of distribution, security, and high availability solutions by different
approaches using third-party tools. In the case of high availability through redundant resources, for example,
the final resource requirements must be adjusted accordingly.

There are “best practices” which may be valid for a specific combination of operating system and database. To
provide guidance, SAP created NetWeaver configuration guides (help.sap.com and search for NetWeaver).

Sizing Guide for Access Control 12.0

6 PUBLIC Sizing Fundamentals and Terminology
3 Initial Sizing for SAP Access Control

This section describes the procedure for sizing SAP Access Control.

3.1 Assumptions

This section describes the assumptions used when sizing Access Control.

Initial sizing assumes the following:

• The standard, out-of-the-box access analysis rule set is used in all access risk.
• The sizing relates to the Access Control server only.
• Plug-ins installed on backend systems can add overhead when Access Control retrieves data. This
overhead is not included.
• Initial sizing is completed using only select use cases, including full batch access risk analysis.
• Database sizing is included, but network sizing is not.
• Table logging has been turned off:

This guide does not include sizing considerations for the following:

• NetWeaver Portal
• Report printing using Adobe Document Services (ADS)

3.2 Factors that Influence Performance

The following factors can have an effect on performance:

• HANA database use. Refer to the following for more information:

• Suite on HANA memory sizing: SAP Note 1872170
• Sizing for SAP Suite on HANA: SAP Note 1793345
• Master data volume
• Transaction data volume
• IMG configuration settings
• Number of concurrent users
In addition, the following factors influence performance when sizing SAP Access Control:
• Landscape
• Number and type of target/backend systems (including SAP, Third party, IDM, and others) for access
risk analysis, access provisioning, role generation and superuser privilege management

Sizing Guide for Access Control 12.0

Initial Sizing for SAP Access Control PUBLIC 7
• Business Requirements
• Total number of objects (users/roles/profiles) in each of the backend systems for access risk analysis;
Total number of risks and rules defined for access risk analysis; Average number of permission
level violations per object (user/role/profile) in access risk analysis; Number of average roles per
request and number of average systems associated per request; Number of Firefighter IDs accessing
the backend per hour during normal business hours and the average number of transactions per
firefighter
• Number of access requests per hour or per working day, and the number of maximum concurrent
users to create or approve requests
• Number of maximum concurrent real-time access risk analysis (ad-hoc) jobs and average number of
objects (users/roles/profiles) in each real-time access risk analysis
• Disk size (dependent on the number of violations, frequency of ad-hoc analysis, and the number of
clients)
• Complexity and configuration of the approval process definition (AC approval workflow settings)
•

3.3 Sizing Overview

Initial sizing involves a coordinated effort between SAP Basis and AC Functional experts to determine the
expected number of users and transactional volume for the implemented features of Access Control.

With this user and transaction data, you can then use the sizing guidelines in the next section to determine the
processing requirements, measured in SAPS.

 Note

The SAPS numbers in the tables are based on the quantity of transactions that can be processed by a CPU
per hour.

You can provide these results to your hardware partners to ensure that the appropriate processor, memory,
and storage resources are available for your production environment.

 Note

In this section, synchronization refers to the standard User/Role/Profile synchronization job in Access Risk
Analysis (ARA). You run the synchronization when you first build the system and thereafter you run it as a
scheduled job. The frequency of the scheduled job is dependent on the user/access scenario.

3.4 Sizing Guideline

The sizing results described in this section were obtained by measuring the following scenarios:

Sizing Guide for Access Control 12.0

8 PUBLIC Initial Sizing for SAP Access Control
 • User synchronization
• Role synchronization
• Batch user risk analysis
• Batch role risk analysis
• User risk analysis
• Role risk analysis
• Access request creation
• Request approval
• Role import (backend synchronization)
• Role import (file upload)
• Role creation and search
• Log collection (background job)
• Log report (single user)
The results include memory and disk usage, as well as the minimum number of SAPS required to support
the corresponding number of users.

3.4.1 User Synchronization

In this scenario, users perform user synchronization as a background job by running the SPRO transaction and
executing SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization Jobs
Repository Object Synch .

Procedure

1. Run the SPRO transaction.

2. Navigate to SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization
Jobs Repository Object Synch .
3. In the Select Sync Job section, select the User check box.
4. Enter values in the required fields.
5. Choose Execute to run the user synchronization.

The following table shows the sizing guidelines according to the usage categories:

 Note

The sizing numbers apply to User Synchronization which includes Role and Profile Synchronization.

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small Synchronize 5000 4 327 2500

users

Sizing Guide for Access Control 12.0

Initial Sizing for SAP Access Control PUBLIC 9
 Minimum Disk Space
Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Medium Synchronize 10,000 4 910 5000

users

Large Synchronize 15,000 4 1,490 7500

users

3.4.1.1 Role Synchronization

In this scenario, users perform user synchronization as a background job by running the SPRO transaction and
executing SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization Jobs
Repository Object Synch .

Procedure

1. Run the SPRO transaction.

2. Navigate to SAP Reference IM Governance, Risk and Compliance Access Control Synchronization
Jobs Repository Object Synch .
3. In the Select Sync Job section, select the Role check box.
4. Enter values in the required fields.
5. Choose Execute to run the user synchronization.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small Synchronize 1000 15 2.67 1000

roles*

Medium Synchronize 3000 15 6.24 3000

roles*

Large Synchronize 5000 15 6.87 5000

roles*

*5 languages

 Note

The sizing numbers apply to Role Synchronization which includes Profile Synchronization.

Sizing Guide for Access Control 12.0

10 PUBLIC Initial Sizing for SAP Access Control
3.4.1.1.1 User Risk Analysis

In this scenario, users perform user risk analysis using the Access Management Access Risk Analysis
User Level Analysis Control .

Procedure

1. Choose Access Management Access Risk Analysis User Level Analysis Control .
2. Enter values in the required fields.
3. Choose Run in Foreground to run the risk analysis.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1 user* 68 0.005 10

Medium 5 concurrent users* 68 0.025 50

Large 10 concurrent users* 68 0.050 100

*Performing 1 user risk analysis (4300 violations)

3.4.1.1.2 Role Risk Analysis

In this scenario, users perform user risk analysis using the Access Management Access Risk Analysis
Role Level Application .

Procedure

1. Choose Access Management Access Risk Analysis Role Level Application .

2. Enter values in the required fields.
3. Choose Run in Foreground to run the risk analysis.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1 user* 64 0.005 10

Medium 5 concurrent users* 64 0.025 50

Large 10 concurrent users* 64 0.050 100

*Performing 1 role risk analysis (4300 violations)

Sizing Guide for Access Control 12.0

Initial Sizing for SAP Access Control PUBLIC 11
3.4.1.1.3 Batch User Risk Analysis

In this scenario, users perform user synchronization as a background job by running the SPRO transaction and
executing SAP Reference IMG Governance, Risk and Compliance Access Control Access Risk Analysis
Batch Risk Analysis Execute Batch Risk Analysis .

Note the following assumptions for this scenario:

• 10% of the user community is violating

• Each violating user has 1000 violations and 5 profiles

Procedure

1. Run the SPRO transaction.

2. Navigate to SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization
Jobs Repository Object Synch .
3. In the System Selection section, select the Job Name, System, and RuleSet fields.
4. In the Batch Processing Model field, choose Full.
5. In the Object Selection section, check theUser Analysis check box and specify the User range for the Batch
Risk Analysis.
6. In the Risk Analysis Type section, check the Permission/Critical Action/Critical Permission Level check box.
7. Choose Execute to run the Batch Risk Analysis.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1000 users 60 125 2000

Medium 5000 users 60 625 10,000

Large 10,000 users 60 1,250 20,000

 Note

Each violating user with 1000 violations has a SAPS value of 20.

3.4.1.1.4 Batch Role Risk Analysis

In this scenario, users perform user synchronization as a background job by running the SPRO transaction and
executing SAP Reference IMG Governance, Risk and Compliance Access Control Access Risk Analysis
Batch Risk Analysis Execute Batch Risk Analysis .

Note the following assumptions for this scenario:

• 10% of the user community is violating

Sizing Guide for Access Control 12.0

12 PUBLIC Initial Sizing for SAP Access Control
 • Each violating user has 1000 violations and 5 profiles

Procedure

1. Run the SPRO transaction.

2. Navigate to SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization
Jobs Repository Object Synch .
3. In the System Selection section, select the Job Name, System, and RuleSet fields.
4. In the Batch Processing Model field, choose Full.
5. In the Object Selection section, check theRole Analysis check box and specify the Role range for the Batch
Risk Analysis.
6. In the Risk Analysis Type section, check the Permission/Critical Action/Critical Permission Level check box.
7. Choose Execute to run the Batch Risk Analysis.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 100 roles* 20 98 400

Medium 1000 roles* 20 978 4000

Large 5000 roles* 20 4,250 20,000

*Each role has 1000 permission violations.

3.4.1.1.5 Access Request Creation

In this scenario, users perform user risk analysis using the Access Management Access Request Creation
Access Request .

Procedure

1. Choose Access Management Access Request Creation Access Request .

2. Enter values in the required fields.
3. Choose Submit pushbutton.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1 user creating a re- 45 0.1 15

quest*

Sizing Guide for Access Control 12.0

Initial Sizing for SAP Access Control PUBLIC 13
 Minimum Disk Space
Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Medium 10 concurrent users 53 0.98 150

each creating one re-
quest*

Large 25 concurrent users 53 2.45 375

each creating one re-
quest*

*1 user with 5 roles.

3.4.1.1.6 Request Approval

In this scenario, users perform user risk analysis using the My Home My Work .

Procedure

1. Choose My Home My Work .

2. Search for the request created in section 3.2.7 (in this guide).
3. Choose the request hyperlink to open the request.
4. Choose Submit pushbutton to approve the request.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1 user* 85 0.18 10

Medium 5 concurrent users* 87 0.86 50

Large 10 concurrent users* 87 1.7 100

*1000 violations

3.4.1.1.7 Role Import (Backend Synchronization)

In this scenario, users perform user risk analysis using the Access Management Role Mass Maintenance
Role Import .

Procedure

1. Choose Access Management Role Mass Maintenance Role Import .

Sizing Guide for Access Control 12.0

14 PUBLIC Initial Sizing for SAP Access Control
 2. In the Import Source section, select Backend System as the Role Authorization Source
3. In the Definition Criteria section, choose Governance, Risk and Compliance in the Application Type field.
4. Choose the appropriate Landscape and Source System, and choose the Next pushbutton.
5. In the Select Role Data step, complete the required fields and choose the Next pushbutton.
6. In the Review step, choose the Next pushbutton.
7. In the Schedule step, choose Submit pushbutton.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small Import 1000 roles* 20 309 1000

Medium Import 2000 roles* 24 619 2000

Large Import 5000 roles* 32 1,547 5000

*Background execution.

3.4.1.1.8 Role Import (File Upload)

In this scenario, users perform user risk analysis using the Access Management Role Mass Maintenance
Role Import .

Procedure

1. Choose Access Management Role Mass Maintenance Role Import .

2. In the Import Source section, select File on Desktop as the Role Authorization Source
3. In the Definition Criteria section, choose Governance, Risk and Compliance in the Application Type field.
4. Choose the appropriate Landscape, and choose the Next pushbutton.
5. In the Select Role Data step, specify the file name in the Role Authorization Source section, and choose the
Next pushbutton.
6. In the Review step, choose the Next pushbutton.
7. In the Schedule step, choose Submit pushbutton.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small Import 100 roles* 28 31 100

Medium Import 200 roles* 555 62 200

Large Import 500 roles* 1,363 155 500

*Background execution

Sizing Guide for Access Control 12.0

Initial Sizing for SAP Access Control PUBLIC 15
3.4.1.1.9 Role Creation and Search

In this scenario, users perform user risk analysis using the Access Management Role Management Role
Maintenance .

Procedure

1. Choose Access Management Role Management Role Maintenance .

2. Choose Role Management Single Role .
3. Enter values in the required fields.
4. Choose the Save & Continue pushbutton.
5. Choose the appropriate authorization, and choose the Save & Continue pushbutton until the role
generation is complete.
6. Choose the Close pushbutton.
7. Choose Access Management Role Management Role Search
8. Type the name of the role you created above, and choose the Search pushbutton.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1 user* 195 0.11 120

Medium 5 concurrent users** 203 0.54 600

Large 10 concurrent users** 200 1.1 1200

*Creating 1 role with 50 transactions and 20 auth objects, searching 1 role from among 10,000 roles.

** Each user creates 1 role with 50 transactions and 20 auth objects, searches 1 role from among 10,000 roles.

3.4.1.1.10 Log Collection (Background Job)

In this scenario, users perform log collection as a background job by running the SPRO transaction and
executing SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization Jobs
Firefighter Log Synch .

Procedure

1. Run the SPRO transaction.

2. Navigate to SAP Reference IMG Governance, Risk and Compliance Access Control Synchronization
Jobs Firefighter Log Synch .
3. In the Select Sync Job section, select the Role check box.
4. Enter an appropriate value in the Connector field.
5. Choose the Execute pushbutton.

Sizing Guide for Access Control 12.0

16 PUBLIC Initial Sizing for SAP Access Control
The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small Log collection of 1 user 4 0.065 10

executing 20 transac-
tions

Medium Log collection of 10 4 0.6 100

user executing 200
transactions

Large Log collection of 50 4 3.32 500

user executing 2000
transactions

*5 languages

 Note

The sizing numbers apply to Role Synchronization which includes Profile Synchronization.

3.4.1.1.11 Log Report (Single User)

In this scenario, users create roles and then search for the role using the Reports and Analytics Super User
Management Reports Firefighter Log Summary Report .

Procedure

1. Choose Reports and Analytics Super User Management Reports Firefighter Log Summary Report .
2. Enter values in the required fields.
3. Choose the Run in Foreground pushbutton to run the report.

The following table shows the sizing guidelines according to the usage categories:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small Log report of 1 user 16 0 10

executing 20 transac-
tions

Medium Log report of 10 user 20 0 100

executing 200 transac-
tions

Sizing Guide for Access Control 12.0

Initial Sizing for SAP Access Control PUBLIC 17
 Minimum Disk Space
Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Large Log report of 50 user 56 0 500

executing 2000 trans-
actions

3.4.1.1.12 IDM Calls via Web Services for User Risk Analysis

In this scenario, the user has applications making IDM calls to Access Control via web services (WS) for user
risk analysis. Since each IDM call is considered as a single user connection, the sizing guidelines for user risk
analysis are also applicable for IDM.

In this scenario, each IDM call is the equivalent of a Small, 1 user risk analysis:

Minimum Disk Space

Peak Memory (MB) (MB)Traditional data-
Category Description Traditional database base/HANA Minimum SAPS

Small 1 user* 68 0.005 10

Medium 10 concurrent users* 68 0.045 100

Large 25 concurrent users* 68 1.110 250

*Performing 1 user risk analysis (4300 violations)

 Note

The information in the table above is taken from section 3.4.3 User Risk Analysis.

Sizing Guide for Access Control 12.0

18 PUBLIC Initial Sizing for SAP Access Control
Important Disclaimers and Legal Information

Hyperlinks
Some links are classified by an icon and/or a mouseover text. These links provide additional information.
About the icons:

• Links with the icon : You are entering a Web site that is not hosted by SAP. By using such links, you agree (unless expressly stated otherwise in your
agreements with SAP) to this:

• The content of the linked-to site is not SAP documentation. You may not infer any product claims against SAP based on this information.

• SAP does not agree or disagree with the content on the linked-to site, nor does SAP warrant the availability and correctness. SAP shall not be liable for any
damages caused by the use of such content unless damages have been caused by SAP's gross negligence or willful misconduct.

• Links with the icon : You are leaving the documentation for that particular SAP product or service and are entering an SAP-hosted Web site. By using
such links, you agree that (unless expressly stated otherwise in your agreements with SAP) you may not infer any product claims against SAP based on this
information.

Videos Hosted on External Platforms

Some videos may point to third-party video hosting platforms. SAP cannot guarantee the future availability of videos stored on these platforms. Furthermore, any
advertisements or other content hosted on these platforms (for example, suggested videos or by navigating to other videos hosted on the same site), are not within
the control or responsibility of SAP.

Beta and Other Experimental Features

Experimental features are not part of the officially delivered scope that SAP guarantees for future releases. This means that experimental features may be changed by
SAP at any time for any reason without notice. Experimental features are not for productive use. You may not demonstrate, test, examine, evaluate or otherwise use
the experimental features in a live operating environment or with data that has not been sufficiently backed up.
The purpose of experimental features is to get feedback early on, allowing customers and partners to influence the future product accordingly. By providing your
feedback (e.g. in the SAP Community), you accept that intellectual property rights of the contributions or derivative works shall remain the exclusive property of SAP.

Example Code
Any software coding and/or code snippets are examples. They are not for productive use. The example code is only intended to better explain and visualize the syntax
and phrasing rules. SAP does not warrant the correctness and completeness of the example code. SAP shall not be liable for errors or damages caused by the use of
example code unless damages have been caused by SAP's gross negligence or willful misconduct.

Bias-Free Language
SAP supports a culture of diversity and inclusion. Whenever possible, we use unbiased language in our documentation to refer to people of all cultures, ethnicities,
genders, and abilities.

Sizing Guide for Access Control 12.0

Important Disclaimers and Legal Information PUBLIC 19
www.sap.com/contactsap

© 2024 SAP SE or an SAP affiliate company. All rights reserved.

No part of this publication may be reproduced or transmitted in any form

or for any purpose without the express permission of SAP SE or an SAP
affiliate company. The information contained herein may be changed
without prior notice.

Some software products marketed by SAP SE and its distributors

contain proprietary software components of other software vendors.
National product specifications may vary.

These materials are provided by SAP SE or an SAP affiliate company for

informational purposes only, without representation or warranty of any
kind, and SAP or its affiliated companies shall not be liable for errors or
omissions with respect to the materials. The only warranties for SAP or
SAP affiliate company products and services are those that are set forth
in the express warranty statements accompanying such products and
services, if any. Nothing herein should be construed as constituting an
additional warranty.

SAP and other SAP products and services mentioned herein as well as
their respective logos are trademarks or registered trademarks of SAP
SE (or an SAP affiliate company) in Germany and other countries. All
other product and service names mentioned are the trademarks of their
respective companies.

Please see https://www.sap.com/about/legal/trademark.html for

additional trademark information and notices.

THE BEST RUN