Enterprise Resource Planning Blogs by Members
Gain new perspectives and knowledge about enterprise resource planning in blog posts from community members. Share your own comments and ERP insights today!
cancel
Showing results for 
Search instead for 
Did you mean: 

1. Introduction


Sensitive Data Fields provides dual control function in SAP to provide more security when changes are made in Customer and Vendor Master Data records. After activating Sensitive Data Fields functionality, changes done by one profile (Ex. Clerk) in AP and AR Master Data has to be confirmed by another profile (authorized person), thereby facilitating strong control over unauthorized modification. Changes made in relevant Customer or Vendor Master Data are visible but the account is automatically blocked for payment run till the changes are confirmed.

If this function is not activated then when the master data for a customer/vendor is changed then all business processes, including for example a payment run, can be executed immediately afterwards without the changes having being confirmed regarding the 4-eyes-principles. The risk of fraudulent behavior, especially in payments to vendor and customer, remains higher than a situation where the changes of sensitive data fields need to be confirmed by another person.


2. Steps


Standard SAP offers the possibility to define sensitive fields for both customer and vendor data. This customization is at Client level and is applicable for all Customer or Vendor account groups.


Customer Master Data

      1.    IMG Path for customization of Sensitive Fields for Customers:

IMG -> Financial Accounting -> Accounts Receivable and Account Payable -> Customer Accounts -> Master Data -> Preparations for Creating Customer Master Data -> Define Sensitive Fields for Dual Control. Single data fields can be defined as sensitive.

  Similar customizing exists for vendor accounts.


     2.    Maintaining Sensitive Fields:

       Below screenshot shows various fields available for customization as Sensitive data fields.

       This includes Customer name and address, Bank details etc.

     

     3.    Terms of payment saved as Sensitive Field:

       

     4.    Changing Payment Terms in Customer Master Data:

        

        

        Existing payment term is FB00

     

        Terms of payment have been changed from FB00 to FB09

        

     

         Changes saved with an information message to confirm the changes


     5.    Display Customer Master Data:

          

        

         Changes available for display but the same are required to be confirmed.

    6.    Confirmation of Change:

       

       

       

       Changes made can be displayed by clicking Changes to sensitive fields

       Below screen provides details of changes made

     

       Changes have not been confirmed

     7. Executing Automatic Payment Run:

       Customer has open item (T Code: FBL5N)

      

      

        Executing Payment Run without confirming the changes (T Code: F110)

     

     

     

     

       Account was not considered for payment run due to unconfirmed changes.


Vendor Master Data

    1. IMG Path for customization of Sensitive Fields for Vendors:

     IMG-> Financial Accounting-> Accounts Receivable and Account Payable-> Vendor Accounts-> Master Data-> Preparations for               creating Vendor Master Data-> Define Sensitive Fields for Dual Control. Single data fields can be defined as sensitive.

      

     2.    Maintaining Sensitive Fields:

      

      Below screenshot shows various fields available for customization as Sensitive data fields.

      This includes Vendor name and address, Payment terms, Dunning data etc.

        

      3.    City and Accounting Clerk Field have been saved as Sensitive Field:

        

     4.    Changing Sensitive Fields in Vendor Master Data:

      

      

     

        City changed from Montvale to Rutherford

      

        Accounting clerk field was empty

     

        Now filled with AP

     

     

       Changes available for display but the same are required to be confirmed.

    5.    Display Vendor Master Data

       

        

      

          Changes made are available for display

   6.    Confirmation of Change

    

     

     

       Changes done in city comes under Vendor Master General Data

    

       Changes done in Accounting clerk comes under the preview of Company Code Data

     

     

7.  Executing Automatic Payment Run:

       Vendor Open item ready for payment run (T Code: FBL1N)

     

      

        Executing Automatic Payment Program (T Code F110)

      

      

      

      

      Vendor is blocked for payment due to unconfirmed changes.


3.    Customized solution


As already mentioned, Sensitive Data Field functionality provided by standard SAP is at client level and therefore applicable for all the customer and Vendor account groups existing in the system. Based on customer request, this functionality can be activated for specific account groups.

In our project, Customer and Vendor Account groups have been created at country level. To fulfill customer requirement, A custom table has been created to maintain the relevant account groups and Sensitive Data Fields.

     

Also we have added one enhancement spot in include MF02DFEX for customer MF02KFEX for vendor. Accordingly Sensitive Data Field functionality has been activated at account group level.

      

      

In this way, unauthorized changes in Customer and Vendor master data can be effectively controlled thereby reducing overall business risk.

28 Comments