Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User maintenance and FI master data maintain in one person SoD risks

Former Member

‎07-18-2013 11:08 AM

0 Kudos

hello expert

question

on client there key users who made user maintenance, and technical support for users

now they wont to give to this user part of FI MD (FB01, FB02 e.t.c) maintain.

is this ok from SoD side? or how to prove that this is High critical and cant be like this?

Thanks in advans

2 REPLIES 2

Former Member

‎09-27-2013 1:18 PM

0 Kudos

Hello Andrej,

I don´t know if your question is still actual.

It is better to post this kind of question on GRC forum.

FB01 and FB02 is not maintenance of master data but FB01 is general transaction for posting of any type of FI document.

FB02 is a change but in fact you can change some text fields only.

Between user maintenance and posting of FI document is (actually) no risk as well as between user maintenance and FI master data maintenance.

regards

Igor

Former Member

‎09-27-2013 2:32 PM

0 Kudos

MAybe your client has a general rule that if a user has user maintenance authorization, it is not allowed to have functional authorizations (like FI) as well.  But maybe it is better to question the ones who have set up the SoD ruleseset?