Hi Carlos

An unusual request for an MM user - what do they gain by accessing this transaction and why do they need it? One little transaction opens the ways for lots 'extra ones' unless you want to build a role per transaction...

Cheers

David

Hi Carlos,

Technically the object F_PAYR_BUK with 03 & $BUKRS only providesd display access to view checks. So it should not be an issue.. However from a security standpoint we can try to keep away such requirements as much as we can for the following reasons.

1. The Object F_PAYR_BUK is the prime auth check for most of the check maintenance tcodes including FCH4, FCH5 etc..

2. The same object is checked for FCH1 which provides bank account number details for payments which in some of the clients is confidential data.

3. Ideally all check maintenance tcodes fall under the purview of FI-AP & FI-TR areas based on the organisation. So opening up these tcodes to MM will have to be justified accordingly...

4. An cross pollination for whatsoever reason can bring in the risk which needs to be monitored continuously... Hence some monitoring effort has to be involved to make sure the objects are in display mode only for all buyers...

Hope these inputs help.

Regards,

Sri

Althought it seems no to be a problem, I will leave things working as standard, even if buyer have to call to check on payments to the suppliers.

Regards,

Thank you.

Carlos