Mapping SAP roles and responsibilities to business users, typically done in the Realize phase, is a critical technical and security step in SAP cloud implementations. Option C is correct because it ensures users receive role-based access (e.g., via SAP’s authorization profiles) limited to what their job requires—such as a sales rep accessing only sales transactions, not financial reporting. This prevents unauthorized access, enhances security, and aligns with SAP’s best practices for system governance, reducing risks like data breaches or operational errors. For example, in S/4HANA Cloud, roles like “SAP_BR_SALES_REP” are mapped to specific users to control functionality access, a process tied to security and compliance.
Option A is incorrect because role mapping is a technical task for system access, not a foundation for personas (fictional stakeholder profiles) or communication, which rely on broader stakeholder analysis. Option B is incorrect—developing the operating model (organizational structure/processes) is a higher-level task informed by process design, not user role mapping, which is more granular. Option D is incorrect; while role mapping might indirectly optimize training scope or infrastructure use, cost reduction isn’t its primary purpose—security and efficiency are. SAP OCM integrates this mapping with enablement but prioritizes its role in access control.
“Mapping SAP roles to business users ensures access is restricted to essential data and transactions, aligning with security standards and supporting efficient system use” (SAP Activate, Enablement and Security Integration).
