Hi,

Just to add

Make sure you create new org fields or promote the auth fields to org fields when the system is installed freshely.

If the system is live and running and if you convert auth field to org field or create a new one then many SODs may come into picture and further company SOX may be voilated.(but expert analysis and design may avoid the problems)

I found the this link where you can begin your search [here|http://help.sap.com/saphelp_erp2005/helpdata/en/8e/47745453f84d20bd828e785a7d5eb6/frameset.htm]

Regards

Rakesh

Hi Rakesh,

I'm interested to hear of any SOD or SOX violations which would occur as a result of changing a field to an org level. After all, the content of the role will not necessarily change......

Cheers

Alex

Hi Alex,

I agree that if a authorization field is converted to organization field then the resulting role contents will be same.

Let us take an example of profit center authorization field which is distributed across the sytem in parent and derrived roles. If this field is promoted as an organization field then its no more maintained in the parent role and have to be maintained individually in derrived role. If the distribution is vast then few SODs may come into picture.

Let me know if I am missing something !

Rakesh

Hi Rakesh,

While that situation may lead to data issues, it's not going to lead to SOD's in the traditional sense. If you are working on data segregation then converting to an org level may help the effort from a design perspective rather than cause SOD's. There are drawbacks to creating org levels, just not convinced that increasing SOD's in one of them.

Cheers

Alex