Hi Team,
As per SAP standard, one is able to change the status of Availability Control (AVAC) within PS through CJBW (deactivate AVAC), CJBV (activate AVAC) and CJBN (reconstruct AVAC). As such we have limited the access to these transaction codes to our PS super users only as they are critical actions.
We have found that a few users have been able to deactivate AVAC on a project through the following transactions:
| FBV0 - Post parked document |
| FBVB - Post parked document |
| FV50 - Park General Ledger Account Documents |
| FV60 - Park Incomming Invoice |
| IW32 - Change Work Order |
| ME21N - Create Purchase Order |
| ME22N - Change Purchase Order |
| ME54N - Release Purchase Requisition |
| MIGO_GI - Goods Issues |
| ML81N - Service Entry Sheet |
| MR8M - Cancel Invoice |
The above was identified using table JCDS - status change logs which was executed for WBS element objects when project overspend was investigated. If the above is true, this would cause a situation in that any person who has access to the above would be able to deactivate AVAC on a project.
This can not be allowed as all forms of capital governance is lost in that individuals within the the Buying/Procurement/Contract department can override budget controls put in place by the Capital Portfolio department.
We have tried many times to replicate the issue but we have been unsuccessful and after taking this issue to SAP and no assistance being available as we can not provide steps to replicate, we would like to know if anyone else has seen this issue or has had this same issue?
We have subsequently setup a CJBN batch job to execute daily as a preventative measure but this still will not prevent the issue from reoccuring.
Any help or guidance is greatly appreciated.
Thanks a lot.
Syanne
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.