- SAP Community
- Products and Technology
- Additional Q&A
- Template for reviewing new transactions.
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Template for reviewing new transactions.
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 10-06-2010 3:31 PM
Hello,
I need a way to track new Z transactions as they are created, to ensure that they are reviewed for potential SOD issues and, if needed, added into Virsa.
Can someone point me to a document that I can use as a template for this?
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Michael,
There is no pre-defined document for tracking the custom transaction built. However, with my expertise in dealing the custom transaction codes, below are some of the tips:
Checklist:
1. Ensure that the AUTHORITY CHECK statement is included in the custom tcode - The AUTHORITY CHECK statement can be used to restrict the authorization to a specific plant/company code.
2. If the tcode is a table maintenance tcode, ensure that S_TABU_DIS is tagged to the authorization data in SU24 with authorization to the required table authorization group. If you are on the latest stack, you may use S_TABU_NAM using which the tablename can be maintained directly.
3. Look for the code for any tcodes that are called internally using CALL TCODE funtion. In such case, the authorization objects that are maintained for the call tcode, should be maintained for the Z tcode too.
Template should contain:
1. The SOD analysis at Permission Level & Action level.
2. The Role owner information.
3. Incase of any risks, the Control Objective and how it should be applied.
4. Risk Monitor and Mitigation Control Owner Information.
5. Business process to which the risk should belong to.
6. Management approver information of the business process.
Also, the function ID and the Risk IDs should be either mentioned in the template or should the Security team have a predefined processes in naming the IDs.
Do let me know if I can further assist you!!
Regards,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Answers (2)
Answers (2)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi,
If the requirement is to alert when a custom transaction code is created, you may restrict the access of SE93 (maintain) only to a Firefighter ID. This will alert on the transaction usage, and also sends login/logout notifications.
Alternative is to have a user exit with SE93 tcode as recommended in the other post.
Hope this answers.
Regards,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Michael,
per my understanding you need alerts whenever Ztcodes are created.
Kindly request your ABAPer to either create User Exit or (Implicit or Explicit Enhancement) in SE93.
Or download values from table TSTC every Monday and do Vlookup in Excel with data from last week for all Z* tcodes.
hope this help.
regards,
surpreet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- SAP Activate Methodology Accelerators - Error in Product Lifecycle Management Q&A
- SAP Build Process Automation Pre-built content for Finance Use cases in Technology Blogs by SAP
- Payment Batch Configurations SAP BCM - S4HANA in Financial Management Blogs by Members
- SAP Sustainability Footprint Management: Q1-24 Updates & Highlights in Technology Blogs by SAP
- SAP Build Code - Speed up your development with Generative AI Assistant - Joule in Technology Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.