Spot the differences between the two pictures (please comment). In the SAP GRC standard rulebook, ABZK is grouped under the conflicting function "Asset Document", while FB01 falls under functions like "Post Journal Entries, Vendor Invoices, and Customer Invoices". It makes you wonder why similar transactions are treated differently... #accenture #accenturesecurity #sap #sapsecurity
Got to be specific with the underlying auths - in both your roles and ruleset(s) - to lock down the broad activity (FB01) transactions.
Response time is also the difference.
Totally agree. We’ve seen the same with payment risks—transactions like F-07 or F-53 are flagged, but you can’t actually make payments with them unless you use F110 or F111. These T-codes just post accounting documents; they don’t trigger real payments. Standard rulebooks often miss that kind of process detail. Definitely worth customizing based on how things actually work in your system.
Well put, Tiede-Jan
ABZK records fixed assets and FB01 is for journal entries.
Exactly the same program 😄. What happens if you display them with SE93? Any differences there?
Agree, there are multiple such cases which makes me think and make relevant changes.