07-18-2013 11:08 AM
hello expert
question
on client there key users who made user maintenance, and technical support for users
now they wont to give to this user part of FI MD (FB01, FB02 e.t.c) maintain.
is this ok from SoD side? or how to prove that this is High critical and cant be like this?
Thanks in advans
09-27-2013 1:18 PM
Hello Andrej,
I don´t know if your question is still actual.
It is better to post this kind of question on GRC forum.
FB01 and FB02 is not maintenance of master data but FB01 is general transaction for posting of any type of FI document.
FB02 is a change but in fact you can change some text fields only.
Between user maintenance and posting of FI document is (actually) no risk as well as between user maintenance and FI master data maintenance.
regards
Igor
09-27-2013 2:32 PM
MAybe your client has a general rule that if a user has user maintenance authorization, it is not allowed to have functional authorizations (like FI) as well. But maybe it is better to question the ones who have set up the SoD ruleseset?