Ammar Ali

• Worked in S/4 HANA with the creation of custom groups, catalogue creation, and maintaining the OData/SICF services, as well as troubleshooting the issues during the course of the project.
• Supported the user in the phases of the project and coordinated with the ABAP team for the resolution of the Fiori issues and services.
• Knowledge of both the embedded and hub models for S/4 HANA, and closing coordination with the business, requires maintaining the documents in the HUB model.
• Created, modified, and deleted parent, derived, and composite roles in SAP using PFCG.
• Resolved security and authorization issues under pressure, utilizing SU53, SU56, ST01, and STAUTHTRACE.
• Extracted and reviewed reports for auditing, ensuring compliance with security standards.
• Conducted risk analysis at action and permission levels using ARA, leading simulations for role assessments.
• Managed user access requests including creation, role assignment, reactivation, deactivation, and troubleshooting.
• Supported GRC Access Control implementation projects by troubleshooting access issues and configuring system settings.
• Oversaw firefighter ID management, addressing access-related problems to uphold security protocols.
• Developed training materials on SAP Security best practices for end-user education.

Project 3.

• Implemented user administration and authorization concepts in SAP Fiori frontend and backend systems.
• Designed and maintained Fiori role and authorization concepts, including catalogs, groups, and task-based roles.
• Integrated Fiori catalogs, groups, and tiles into PFCG roles for seamless access management.
• Performed troubleshooting and trace analysis using ST01 (single server), STAUTHTRACE (multi-server), and resolved authorization issues.
• Hands-on experience with Fiori Content Manager/Designer (/UI2/FLPCM_CUST, /UI2/FLPD_CUST), and SICF service maintenance.
• Supported Functional Unit Testing (FUT) and User Acceptance Testing (UAT) for role validation.

Project 2.

• Part of S/4HANA Security Implementation and Role Redesign, ensuring optimized and flexible task-based role structures.
• Extracted and analyzed user group-wise usage analysis reports and user access review (UAR) reports from SAP GRC.
• Mapped UAR with usage analysis to identify required T-codes and assign appropriate roles.
• Designed task-based single roles and consolidated them into composite roles, following role-naming standards.
• Built an authorization matrix by mapping user-role assignments (SU01) and streamlined role structures.
• Managed Transport Requests (TRs) for role assignments and deployments across the SAP landscape.

Project: 1.

• Performed user administration (SU01), including creation, deletion, lock/unlock, password resets, and authentication handling.
• Familiar and hands-on experience in the SAP GRC tool, such as SOD Risk Analysis, Access Usage Analysis Report, and GRC EAM.
• Expertise in role management – creation, modification, and maintenance of single, master, and derived roles using PFCG (Profile Generator).
• Analyzed and resolved missing authorization issues, assigning roles based on approved requests.
• Monitored user login issues, password resets, and access to critical profiles (SAP_ALL, SAP_NEW) to ensure compliance.
• Worked extensively with SAP Security tables such as AGR_TCODES, AGR_USERS, AGR_DEFINE, AGR_1251, and AGR_1252 for role and authorization analysis