The SU24 transaction allows security administrators to control the default values for several application types in the system. That enables security administrators to easily maintain proposal values for authorization objects of standard- and custom transactions.
When role administrators add transaction codes to role menus, SAP then automatically adds the proper default authorization data to the role. As a result, SU24 is the basis for secure and efficient role creation, and is, therefore, one of the most critical SAP Security transactions. The use and maintenance of SU24 are recommended as a fundamental SAP best practice to ensure the sustainable and clean administration of authorizations.