Blocking The Business Partner When Changing The Sensitive Data Of Business Partner(Customer) – Dual Control Functionality in SAP
2023-10-22 22:36:40 Author: blogs.sap.com(查看原文) 阅读量:13 收藏

Introduction:

Sensitive Data Fields provide a dual control function in SAP to provide more security when changes are made in Business Partner Master Data records. After activating the Sensitive Data Fields functionality, changes done by one user must be confirmed by another user (authorized person), thereby facilitating strong control over unauthorized modification. Changes made in relevant Business Partner Master Data are visible but the account is automatically blocked for payment run till the changes are confirmed.

Dual control:

Dual control ensures that critical application processing activities are checked and released by an additional person.

In FS-PM, dual control is integrated into the release step of the New Business, Universal Change, and Change business processes, as well as the application interface of the New Business. The release of the Change services and the Change APIs do not support dual control.

Depending on the user who enters the application data and wishes to release the application, the system checks whether dual control is required. In the Change and Universal Change business processes, the system only checks this if the user has actually changed any check-relevant values during application processing.

Dual control is performed when applications are entered into the system for the first time. Applications that are released again in a reimplementation step are not checked. In Customizing, you define checks to control the conditions under which the system triggers dual control for an application and the user who is to check the application. You can also define checks that are to be performed on a random basis as opposed to general checks.

If none of the conditions defined in Customizing apply to the dual control of an application, the user can release the application. If at least one of the conditions applies, the system categorizes the application as being subject to checking and interrupts the release of the business process. Users who are allowed to check the application receive a work item through SAP Workflow that allows them to resume processing of the application. The checker can release the application, process it, or return it to the first processor.

Symptom:

The customer should be blocked whenever there is a change in Sensitive Data Fields.

Defining the Sensitive Data Fields:

You can specify for which fields of the Customer master records the dual control principle applies.

Example:

The alternative payee field has been defined as sensitive in the Customizing table. If the accounting clerk responsible changes the entry in this field in the customer master record, the account is blocked for the payment run until a second person with authorization confirms the change to the master data.

Activities:

Define the required fields as sensitive. You can choose the fields using the possible entries button.

SPRO -> IMG-> Financial Accounting-> Accounts Receivable and Account Payable-> Customer Accounts-> Master Data-> Preparations for creating Customer Master Data-> Define Sensitive Fields for Dual Control.

Maintaining Sensitive Fields:

You can define fields as sensitive in the customer master records. If you define a field in the customer master record as sensitive, the corresponding customer account is blocked for payment if the entry in this field is changed. To remove the block, a second person with authorization must check the change, and confirm or reject it.

Payment Block :

Terms Of Payment :

Payment Methods:

KNA1-SPERZ Payment block
KNB1-ZTERM Terms of Payment
KNB1-ZWELS Payment Methods

Changing Sensitive Fields in Business Partner Master Data:

1.Execute Transaction Code BP.

2.Enter Customer Number.

3.Go to Customer Payment Transactions tap.

4. Change Terms of Payment Details

5.Save

Review / Confirmation of Changes:

Execute Transaction Code FD08

Review the changes.

Confirm the changes.

Conclusion :

In this way, unauthorized changes in Business Partner master data can be effectively controlled thereby reducing overall business risk.

SAP Note Reference : https://me.sap.com/notes/0002899852


文章来源: https://blogs.sap.com/2023/10/22/blocking-the-business-partner-when-changing-the-sensitive-data-of-business-partnercustomer-dual-control-functionality-in-sap/
如有侵权请联系:admin#unsafe.sh