Annual SAP Security audit has always been a tough ask for administrators.
to extract the Combination of critical authorization & monitor the same is a time taking exercise but it can be extracted on a simple click with SAP Critical Authorization Reports all you have to do is maintain the critical Authorizations.
to maintain the critical authorizations execute the transaction SU_VCUSRVAR_CHANGE
1) Double Click Critical Authorizations
2) Click on New Entry you can also Copy it from Standard depending upon your requirement.
Select the Color based on criticality
3) after adding your entries select the newly created Authorization ID and Double click the Authorization Data on Left Pane
Under Object mention the Authorization objects field Name enter the Field name For e.g
Save the entries
4) Double Click Variants for critical Authorization
and maintain the Variant by Clicking New Entries Save the New Entry
and then Select the newly created entry & double click the Critical Authorization
and add the critical authorization which we created in Step 2
now execute the transaction S_BCE_68002111
select the created variant and execute the report