Hi Alex,

Thanks for Quick response, can u please eloborate on the last point you have mentioned,

"Are you going to design based on tasks or groups of activities"... What are these tasks? and

After creation of roles and transporting them to Prod system, How to map the users to the roles( Mass user mapping) in the role based security and how mapping is done in position based security and which method is generally used?

Your answer is much appreciated.

Thanks

Sandhya

> "Are you going to design based on tasks or groups of activities"... What are these tasks? and

A task based approach is building a role based on small tasks such as process material (might have MM01 & MM02), manage FI doc (FB01, FB02)

An activity based approach could be something like AP Payment Processing where you combine all the transactions needed for AP Payment Processing (keeping in mind SoD's etc)

Task based is often easier to set up, but has a higher maintenance overhead usually.

Function or job based approach takes more effort (I estimate about 30% more) in design phase but can be reduced maintenance if you do it well

> After creation of roles and transporting them to Prod system, How to map the users to the roles( Mass user mapping) in the role based security and how mapping is done in position based security and which method is generally used?

You can use an eCATT (search this forum + web for tutorials) and SU10 to allocate roles to users. Your functional team and business should identify the users and roles which you need to set up.

Hi Alex,

Thanks a lot for your information.