Enterprise Resource Planning Blogs by Members
Gain new perspectives and knowledge about enterprise resource planning in blog posts from community members. Share your own comments and ERP insights today!
cancel
Showing results for 
Search instead for 
Did you mean: 
GOWRESHANHARAN
Explorer
0 Kudos
1,561

Introduction:

Sensitive Data Fields provide a dual control function in SAP to provide more security when changes are made in Business Partner Master Data records. After activating the Sensitive Data Fields functionality, changes done by one user and have to be confirmed by another user (authorized person), thereby facilitating strong control over unauthorized modification. Changes made in relevant Business Partner Master Data are visible but the account is automatically blocked for payment run till the changes are confirmed.

Dual control:


Dual control is a means of ensuring that critical application processing activities are checked and released by an additional person.

In FS-PM, dual control is integrated into the release step of the New Business, Universal Change, and Change business processes, as well as the application interface of the New Business. The release of the Change services and the Change APIs do not support dual control.

Depending on the user who enters the application data and wishes to release the application, the system checks whether dual control is required. In the Change and Universal Change business processes, the system only checks this if the user has actually changed any check-relevant values during application processing.

Dual control is performed when applications are entered into the system for the first time. Applications that are released again in a reimplementation step are not checked. In Customizing, you define checks to control the conditions under which the system triggers dual control for an application and the user who is to check the application. You can also define checks that are to be performed on a random basis as opposed to general checks.

If none of the conditions defined in Customizing apply to the dual control of an application, the user can release the application. If at least one of the conditions applies, the system categorizes the application as being subject to checking and interrupts the release of the business process. Users who are allowed to check the application receive a work item through SAP Workflow that allows them to resume processing of the application. The checker can release the application, process it, or return it to the first processor.

Symptom:


The vendor should be blocked for payments whenever there is a change in bank details.

Defining the Sensitive Data Fields:


You can specify for which fields of the Vendor master records the dual control principle applies.

Example:

The alternative payee field has been defined as sensitive in the Customizing table. If the accounting clerk responsible changes the entry in this field in the vendor master record, the account is blocked for the payment run until a second person with authorization confirms the change to the master data.

Activities:

Define the required fields as sensitive. You can choose the fields using the possible entries button.

SPRO -> IMG-> Financial Accounting-> Accounts Receivable and Account Payable-> Supplier Accounts-> Master Data-> Preparations for creating Supplier Master Data-> Define Sensitive Fields for Dual Control.

 

Maintaining Sensitive Fields:


You can define fields as sensitive in the vendor master records. If you define a field in the vendor master record as sensitive, the corresponding vendor account is blocked for payment if the entry in this field is changed. To remove the block, a second person with authorization must check the change, and confirm or reject it.

 

LFBK-BANKLBank Key
LFBK-BANKNBank Account
LFBK-BANKSBank Country/Region
LFBK-BANK_GUIDBP Bank GUID
LFBK-BKONTBank Control Key
TIBAN-IBANIBAN
TIBAN-VALID_FROMIBAN Valid From

 

Changing Sensitive Fields in Business Partner Master Data:

1.Execute Transaction Code BP.

2.Enter Supplier Number.

3.Go to Payment Transactions tap.

4. Change Bank Details

5.Save

 

 

Payment Block (Automatic Payment Run - F110):


The vendor is blocked for payment due to unconfirmed changes.

Review / Confirmation of Changes:

 


Execute Transaction Code FK08

 

Review the changes.

Confirm the changes.

 

Conclusion :


In this way, unauthorized changes in Business Partner master data can be effectively controlled thereby reducing overall business risk.

SAP Note Reference : https://me.sap.com/notes/0002899852

Labels in this area