Hello Gurus,

I have got a list of t-codes from my functional consultants

.

E.g.

1) Authorization for top management

Whole menu in HR, FICO and MM

2) Authorization for document creation/ Parking

fin acctg->GL->Periodic Processing->Closing->Valuate

FBS1 - Enter Accrual/Deferral Document

F.81 - Reverse Accrual/Deferral Document

fin acctg->A/P->Document Entry->Down Payment

fin acctg->A/P->Document Entry->Outgoing Payment

fin acctg->A/P->Document->More Functions

FBZ5 - Print Payment Forms

fin acctg->A/P->Periodic Processing

F110 - Payments

fin acctg->A/P->WithHolding Tax->India

fin acctg->Banks->Incomings->Bank Statement

FF67 - Manual Entry

FF_5 - Import

FEBP - Post

FF_6 - Display

FEBA_BANK_STATEMENT - Reprocess

fin acctg->Banks->Outgoings->Automatic Payment

fin acctg->Banks->Information System

Here, " fin acctg->A/P->Document Entry->Down Payment " means, whole menu under " fin acctg->A/P->Document Entry->Down Payment " and

fin acctg->Banks->Incomings->Bank Statement

FF67 - Manual Entry

FF_5 - Import

FEBP - Post

FF_6 - Display

FEBA_BANK_STATEMENT - Reprocess

Means authorization for only this T-code under the menu " fin acctg->Banks->Incomings->Bank Statement "

I have created Role using the user authorization matrix I have received using "PFCG" T-code. Now, the problem I am facing is giving additional authorization to some critical objects. How to avoid this situation?

How to make sure that users have got only the authorizations as per the authorization matrix? I never get the accuracy, either I give authorization to some additinol object or do not assign some crucial objects.

When i create Role based on the list, using PFCG, i get some object in yellow, i either have to deactivate it or assign it to the role. I generally assign it to the role.

It will be great if i get some good notes/ guidance on this from you.

Thanks and Regards,

Rahul