Creating Authorizations for the HR: Reporting Object

Objective

After completing this lesson, you will be able to create an authorization for the HR reporting object for payroll reports.

HR Reporting Authorization Object

You can use authorizations for this object (P_ABAP, HR: Reporting) to control how the objects P_ORGIN, P_ORGXX, and the customer-specific authorization object P_NNNNN are used in the specified reports to check the authorization for HR infotypes. You can thus control the infotype authorization check by report. This can be useful for functional reasons or to improve performance (for example, of the payroll run) at runtime of the corresponding reports.

For this object, enter one or more report names and a degree of simplification (COARS field) that the check is to use for the report(s) concerned.

If you regard certain HR reports (telephone lists and so on) as uncritical with relation to access protection, enter the corresponding reports in the Report name field and * in the Degree of Simplification field. Consequently, no other checks except for the check on the S_PROGRAM object, ABAP: Program Flow Checks, take place.

Hint

A P_ABAP authorization, for example for report SAPDBPNP with COARS = 2, means that all HR reports based on the PNP logical database no longer perform any authorization checks. You will want to deactivate the authorization checks for only a very small number of reports. In case of doubt, do not assign your users authorizations for the P_ABAP object.

HR: Reporting in Time Evaluation

A time administrator should perform time evaluations (Time Evaluation report, RPTIME00) for employees assigned the organizational key CABB*. To obtain certain additional information that is required internally (information that the program user cannot see or can see only partially), the system must read the Basic Pay (0008) infotype, among others, during time evaluation. To be able to carry out time evaluation, the time administrator must have display authorization for this infotype. However, the administrator should not have general display authorization for the Basic Pay (0008) infotype. To restrict the read authorization for the Basic Pay (0008) infotype for employees with the CABB* organizational key in report RPTIME00, use the authorizations shown in the figure HR: Reporting in Time Evaluation.

As a result, a simplified check takes place during the infotype authorization check when it runs in connection with report RPTIME00. According to simplification degree 1, infotype, subtype, and level on the one hand, and organizational assignment (in the example, the organizational key) on the other, are checked independently of each other. Infotype 0008 can therefore be read in report RPTIME00. If, however, the check is not in connection with this report, all fields of the HR: Master Data object are checked together. This check does not result in read access to the Basic Pay infotype.
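The difference between the simplified and the full check can be modeled in a few lines. This is an added example, not SAP code and not the authorizations from the figure: it is a simplified Python model in which the P_ORGIN field names (INFTY, SUBTY, AUTHC, PERSA, PERSG, PERSK, VDSK1), the sample authorization values, the DUMMY organizational key, and the report name OTHER_REPORT are assumptions constructed for illustration.

```python
from fnmatch import fnmatchcase

TYPE_FIELDS = ("INFTY", "SUBTY", "AUTHC")          # infotype, subtype, level
ORG_FIELDS = ("PERSA", "PERSG", "PERSK", "VDSK1")  # organizational assignment

def covers(auth, request, fields):
    """True if, for each listed field, one of the authorization's patterns matches."""
    return all(any(fnmatchcase(request[f], pat) for pat in auth[f]) for f in fields)

def infotype_check(request, report, p_orgin, p_abap):
    """Simplified model of the HR infotype check with P_ABAP applied."""
    coars = next((a["COARS"] for a in p_abap if fnmatchcase(report, a["REPID"])), None)
    if coars in ("2", "*"):
        return True   # infotype check switched off for this report
    if coars == "1":  # type fields and org fields may come from different authorizations
        return (any(covers(a, request, TYPE_FIELDS) for a in p_orgin)
                and any(covers(a, request, ORG_FIELDS) for a in p_orgin))
    # No P_ABAP authorization for this report: one authorization must cover all fields
    return any(covers(a, request, TYPE_FIELDS + ORG_FIELDS) for a in p_orgin)

def orgin(infty, authc, vdsk1):
    """Build a constructed P_ORGIN authorization (remaining fields set to *)."""
    return {"INFTY": infty, "SUBTY": ["*"], "AUTHC": authc,
            "PERSA": ["*"], "PERSG": ["*"], "PERSK": ["*"], "VDSK1": vdsk1}

# Constructed sample authorizations for the time administrator (assumed values)
P_ORGIN = [
    orgin(["0007", "2*"], ["R", "W"], ["CABB*"]),  # time data for CABB* employees
    orgin(["0008"], ["R"], ["DUMMY"]),             # Basic Pay read, org key matches nobody
]
P_ABAP = [{"REPID": "RPTIME00", "COARS": "1"}]

def read_0008(vdsk1, report):
    """Can the user read infotype 0008 for an employee with this organizational key?"""
    request = {"INFTY": "0008", "SUBTY": "0", "AUTHC": "R",
               "PERSA": "1000", "PERSG": "1", "PERSK": "DU", "VDSK1": vdsk1}
    return infotype_check(request, report, P_ORGIN, P_ABAP)

if __name__ == "__main__":
    for key, report in [("CABB01", "RPTIME00"), ("CABB01", "OTHER_REPORT"),
                        ("CXYZ01", "RPTIME00")]:
        print(key, report, read_0008(key, report))
```

Because degree 1 combines the type fields and the organizational fields across all of the user's P_ORGIN authorizations, review the full set of authorizations a user holds before assigning it, not only the two intended for the report.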

System Performance Improvement

If the runtime of the payroll driver is very long due to the large number of personnel numbers to be processed, it makes sense to switch off the authorization check to improve performance.

Evaluations of the logged changes in infotype data are subject to infotype authorization checks. The person who starts this kind of evaluation normally has extensive infotype authorizations. In this case, it makes more sense to assign the user a global authorization using the RPUAUD00 report (Logged Changes to Information Types Data) rather than to check individual data. To do so, use an authorization for the existing object that has the value RPUAUD00 in the Report name field (REPID) and the value 2 or * in the Degree of simplification field (COARS).

The payment medium programs in Accounting process extremely sensitive person-related data. As an additional security measure, the system checks whether the user has corresponding authorization for the existing object and checks whether the user is authorized to start the program. You must enter the name of the payment medium program in the Report name field and the value 2 or * in the Degree of simplification field.

Create an Authorization for the HR Reporting Object

Business Scenario

In their role, payroll administrators require authorization to run all payroll reports for the employees in the CABB personnel area. They should not, however, have general authorization for infotypes.