Hiding costing related information to external use...

Former Member · ‎04-15-2009

Hi

We have several transcations where we have internal and external users using the transcation where we have financial information and would not like to make it visible to external users.

Can you please let me know the various options available to avoid external users with the financial data.

Few of the transcations are MIGO,CORT,CORS.MI03

Thanks in advance.

Regards

Praveen

Former Member · ‎04-15-2009

Hi Praveen,

The best answer to this would be to restrict this at the transaction level itself. The business should decide not give access to any of the tcodes to the users which can expose data related to costing etc.

But, then if the tcode needs to be given but restricted then you may have to use your security expertise to find out which are the objects that could be restricted in the user's role. for eg in MIGO it would be :

F_BKPF_BUK Accounting Document: Authorization for Company Codes

Regards,

Subbu

Former Member · ‎04-15-2009

Hi

We would be requiring our vendors to have the transcation access but would only require only financial information to be hidden.

so is your suggestion the only option

Regards

Praveen

Former Member · ‎04-15-2009

Hi Praveen,

This is one possible object that I believe for one tcode MIGO. (I have not tested it). But then you may have similar objects in each tcode which can be restricted.

Regards,

Subbu

Former Member · ‎04-15-2009

Hi

I am not a security guy,with your experience/expertise could you let me know the auth objects for transcations like

CORS

MIGO

CORT

MB5T

MI03

MM03

MMBE

Regards

Praveen

Former Member · ‎04-15-2009

Hi,

I am sorry. You have to work this out with your security consultant,

Regards,

Subbu

Former Member · ‎04-15-2009

Thanks..you have definitely provided a clue..

Hiding costing related information to external users