Solved: Change Documents for PFCG role changes

Former Member · ‎05-20-2010

Hello All - What you guys do when you get request to update/change role authorizations?

- Do you create requirement document to capture the change and to get approvals from business?

- Is validation team involved in review req. documents?

- What is the process usually companies follow to move change from Dev-QAS-PRD, who all will be involved in approving changes?

Any suggestions guys?

Thanks in advance.

Former Member · ‎05-20-2010

> Hello All - What you guys do when you get request to update/change role authorizations?

If you build roles on a need-to-have basis proposed from the menu, then normally I respond immediately to thank them for the feedback and effort to test the role in QAS, or I assign their old reference user copy back to them in PROD and take a closer look.

> - Do you create requirement document to capture the change and to get approvals from business?

Normally yes, but it depends.

> - Is validation team involved in review req. documents?

Normally yes, but it depends.

> - What is the process usually companies follow to move change from Dev-QAS-PRD, who all will be involved in approving changes?

It depends.

A role naming convention in combination with as few roles as possible helps in all respects (to find them, administrate them, and also to trouble-shoot them in exceptional cases outside of DEV-QAS-PRD pipelines).

It also depends what the role is for. There are lots of options, but keeping it simple is worth gold as far as "survival" of your intended concept is concerned.

Cheers,

Julius

Former Member · ‎05-20-2010

> Hello All - What you guys do when you get request to update/change role authorizations?

If you build roles on a need-to-have basis proposed from the menu, then normally I respond immediately to thank them for the feedback and effort to test the role in QAS, or I assign their old reference user copy back to them in PROD and take a closer look.

> - Do you create requirement document to capture the change and to get approvals from business?

Normally yes, but it depends.

> - Is validation team involved in review req. documents?

Normally yes, but it depends.

> - What is the process usually companies follow to move change from Dev-QAS-PRD, who all will be involved in approving changes?

It depends.

A role naming convention in combination with as few roles as possible helps in all respects (to find them, administrate them, and also to trouble-shoot them in exceptional cases outside of DEV-QAS-PRD pipelines).

It also depends what the role is for. There are lots of options, but keeping it simple is worth gold as far as "survival" of your intended concept is concerned.

Cheers,

Julius

Former Member · ‎05-20-2010

Julius - hmmm! that was neutral reply

In our landscape, BA's for ECC create their module roles. so we have about 15 BA's doing roles, process is:

-we get request in ticket, from there we do our change on Dev and push the change to PRD with change request form.

-we dont do requirements nor we functional verification for security (its all documented testing)

For some reason I dont like the process, so with management approval we enforced requirements documents. BA's dont like because its extra work to them.

1) however everyone started doing req. document for NEW roles?

2) but they dont want to do Req. doc for Existing role?

So I am thinking on how to sell my idea( encourage req. doc) for item 2

Any suggestions?

Thanks Much.

Former Member · ‎05-20-2010

Answers can only be as good as the question...

You can throw an admin cloak over the lot if you want to. Good luck!

Personally I prefer doing some tests myself before passing it on, as the quality of requirements tend to vary, as well as the choice of transaction. This is not easy, but helps a lot and you can advise them on a better choice or bad habits or redundant functionality, obsolete custom coding, etc...

Cheers,

Julius

Former Member · ‎05-21-2010

>


> Hello All - What you guys do when you get request to update/change role authorizations?
>

We do have a standard change management process for creating new role or Updating the existing roles. Change management process involves

1. Gathering the requirement and documenting the same.

2. Validating with BA's for any correction required.

3. Coordinating with Change SME's for configuration and quality review.

4. Requesting BA's to test the changes and document the test results.

5. Validating the test results.

6. Finally moving the changes to production.

7. Verifying the change in production.

>


>  Do you create requirement document to capture the change and to get approvals from business?
>

Yes we do for our future reference.

>


> - Is validation team involved in review req. documents?
>

Yes All changes needs to be reviewed and validated by BA's to ensure no SoD is created while creating new roles or updating existing roles.

Hope this helps.

Thanks.

Anjan

Former Member · ‎05-21-2010

This is called change management.

They raise Change request for any role changes.

After Business approval, we start work on development and provide test id in Dev.

After sucessful test, transport moed to QA system with Quality apporval.

After test in QA systems with test ids, transport will be moved to production.

This is normail change management.

If this emergency, we work dev and moved to Q and prod with less approval.

we use cHARAM /with out cHARAM tool of solution manager for this activity.

Former Member · ‎05-28-2010

Guys-Thanks much for your suggestions, we also follow simillar approach per now. BA community doesnt like this approach as this idea is adding up extra work to them.

I am still holding my ground on proposed model, lets see how it goes. Wish me good luck guys

-AJ