cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP HR: Should it be a separate system or a shared one?

Go to solution
Former Member

on ‎09-22-2008 1:00 PM

0 Kudos

Hi friends,

We are in the decision point in our project about the system landscape of SAP HCM system.

There are three options we are considering about SAP HCM installation:

1. On a separate system

2. On a shared system with other modules but separate client

3. On a shared system & client with other modules.

The most important concern of my client is the confidentiality of the salary & payroll data.

Thus, they think that we may enhance confidentiality if we separate the HR system physically.

However, there will be a lot of integration points of HR module with other modules (FI, CO, cProjects), thus I believe that separating the HR system would slow down the speed of the project.

Please share you ideas & experience with me on this regard so that I can offer them a logical solution.

Thanks in advance,

Best Regards,

Dilek

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

JPReyes
Active Contributor
‎09-22-2008 1:07 PM
0 Kudos

If I was you.... same system/same client.... theres security steps that you can take to protect the data and in the long terms is much better administration wise

regards

Juan

Show replies
Show replies
Former Member
‎09-22-2008 2:24 PM
0 Kudos

Thanx Juan,

I prefer same system/same client architecture as well; however, I need a logical reasoning to declare to my client. Could you pls throw some light on the security steps you have mentioned?

Dilek

Former Member
‎09-22-2008 2:39 PM
0 Kudos

Hello Dilek,

I assume that security Juan means control via authorizations. I mean say for data integrity purposes your client wants that CO department users should not have access to payrolls then this can easily be controlled using roles and authorizations.

Regards.

Ruchit.

JPReyes
Active Contributor
‎09-22-2008 2:45 PM
0 Kudos

Basically you need to sit down with your project manager and create a blueprint of your scenario... as your system is already running and you just need to focus on HR implementation and security.

Security wise you need to create roles for the people who will be testing and handling the module, once the roles are created you need to do extensive integration testing so you can ensure that no information leak is possible. if you have no expirience with authorization in HR i'll recommend you to do HR940 course.

Also, remember looking into SOD's

Hope this help

Juan

Answers (1)

Answers (1)

Former Member
‎09-22-2008 3:17 PM
0 Kudos

Hi,

As suggested by Juan and Ruchit you can restrict the things by roles.

It is not needed to go for a new system or new client.

Going for a new client would again occupy more space then again you need to maintain the master data and all the other stuff. I think you should use the same client and restrict the users with the authorization mostly we restict the users using the auth object p_orgin.

Regards,

Vamshi.

Show replies
Show replies
Ask a Question