Financial Management Blogs by Members
Dive into a treasure trove of SAP financial management wisdom shared by a vibrant community of bloggers. Submit a blog post of your own to share knowledge.
Showing results for 
Search instead for 
Did you mean: 
Process Controls as a concept is about providing a centralized controls and compliance management solution. It is designed to assess, document, evaluate, monitor and report the effectiveness of internal controls.

One of the core component of Process Control is Continuous Control Monitoring (CCM). This component monitors the ERP systems based on Business Rule logic and sends exception alerts to the control owners based on the deficieny criteria defined in the Business Rule.

Note: Process Control does not block any business transaction in the ERP system. 

For more details how to configure Business Rule for configurable scenario, please refer below wiki.

Business Rule Functionality – Governance, Risk and Compliance – SCN Wiki


Business Scenario: GL account is a master data entity in SAP and it is the heart of financial statements where accounting data is posted from journals and aggregated from subledgers, such as accounts payable, accounts receivable, cash management, fixed assets, purchasing and projects hence monitoring the GL Master Changes settings like blocked for posting in company code is critical to prevent manipulations in the Financial Statements.

T-code FS00 can be used to maintain GL Account and add or remove the block for posting in company code or chart of accounts.

In below example, we will use configurable data source type and business rule in GRC Process Controls to identify the execptions and send alert to the control owner based on a particular company code deemed as sensitive in the enterprise.

Transaction Code FS00


As we are using configurable sub scenario with analysis type as changes, it is mandatory to ensure table logging is active in the ERP system. The table SKB1stores GL Account Master Data Changes.

Go to T-code SE11 then Technical Settings and ensure Log Changes field is selected as shown in below screenshot

Log Changes Active


Once above steps are validated, please setup the GRC Process Control Master Data

  1. Organization

  2. Business Process

  3. Sub process

  4. Risk

  5. Control

  6. Assign a control owner in the roles tab of control

  7. Create a Data Source

  8. Create Business Rule by using the data source created in step 7

  9. Assign Business Rule to the Control

  10. Go to Scheduling then Automated Monitoring and schedule a job by selecting the control

Create Data Source like shown in the below screenshots

Data Source

Data Source

Data Source data received from ERP system

Now let's see the setup of Business Rule

Business Rule

Business Rule

Business Rule

Business Rule

Business Rule

Business Rule

Business Rule

Now let's see the control performance of the automated monitoring

Control Monitoring

Control Result

Control Result

Finally, lets validate the GL account block for posting changed

Compared with FS00 Result

Conclusion: Continuous Control Monitoring can help organizations in enhancing their cybersecurity program. It can reduce the damage before it is too late and management can proactively monitor the critical financial risks and remediate issues.