Skip to Content

Knowledge is power, but with great (SAP) power comes great responsibility


Many companies discourage their employees from using SAP for what it was intended – enterprise. Organisations still continue to prevent their people working outside their own specific and dedicated SAP functional area. I consistently see SAP authority roles for just one or a few transactions, and usually Z transactions, because employers either do not want their people to venture into other areas of SAP or simple they have not been given sufficient training.


Use Sarbanes sensibly 

There are two distinct reasons for this. Firstly, Sarbanes Oxley and its imitators’ regulations have unnerved companies by encouraging segregation of duties as much as possible. These financial regulations should be used as guidelines only. Secondly, SAP implementations have usually focussed on the delivery and any deeper training further than the SAP Super-users always seems to run out of steam. This is due either to users returning to the business before they’ve fully trained their teams or that Super-users enjoy keeping the knowledge in their domain.

I’ve worked for a client who gave their users the single (yes one) order transaction – VA01. If they wanted to review customer’s orders or order patterns they asked someone higher up the chain to run a report, print it and pass it to them. If they needed to change an order they had to ask someone with that access or start over.


Segragate but don’t choke ideas

SAP and their GRC Virsa product works hard to manage the segregation within SAP transactions but this has to be used with common sense and with sign-off by the internal and external Audit teams.

Companies should allow Display functions e.g. VA03, VL03N or VF03 for the relevant business teams, they should also provide full reporting access to users whether it’s for standard SAP reports or bespoke Z reports written for the specific area. If not, there can be little hope to empower users or obtain the insight that only your employees can provide. Competitive advantage will be lost if you close your people out of  analysis-type reporting. Open the access and then allow them to use that reporting to suggest improvements in your business.


Ask people

Process improvements of course do need to be managed carefully to avoid any demotivation, and to sensitively manage some of the more radical or unworkable suggestions. There are many management tools to help do this and for ‘prising out the pearls’ be it a well-structured, open and informal meeting (with an agenda), a brainstorm or the more formal six-sigma approach and drilling down to an issue or opportunity.


SAP navigation – the basics again

The second area which is closely connected with access and one which I get very passionate about (and sometimes even angry!) is the lack of basic SAP navigation training.  It is simply pointless giving someone access to one complex R/3, CRM or BW report if you do not show them how to do the most basic navigation and flexibility in the system. As is investing so much money on software and spending no time on training. Basic training, for example new session opening and icon education or saving to Excel, amazingly still seems to be rare or non-existent in many large organisations.


The difference that even just some 10-minute training can make is so enlightening to the trainer and startling to the user who may have suffered in ignorance and silence for years. I recently worked for a client where senior staff had used the same SAP report variant they’d been shown years ago. Several new fields had been added to the program, via some expensive ABAP, to improve the data but that knowledge and the education to add those fields to variants hadn’t been passed down at all. Basic training, done simply using clear language and avoiding SAP jargon as much as possible can radically change perceptions.


SAP is simple

The approaches described above can only encourage more personal responsibility. I don’t believe there are any real risks, providing you get sign-off on SAP access and segregation from your Audit teams. Most importantly it will motivate and encourage your people to question and challenge current practise and habits and hopefully provide you with new ideas, innovation and better business opportunities.

You must be Logged on to comment or reply to a post.
  • A nice post albeit with at least one extreme example of transaction paranoia! I’d agree that SOD guidelines are just that, guidelines, I would also agree that for the most part users should be given a relatively free reign to access the standard reports in SAP and especially the view only transactions for work relevant to them. I suspect that in the example you cite, that a couple of factors were at play; lack of intelligent security authorization object consultant skills; a highly ‘command and conquer’ autocratic organizational model and some fundamental misunderstandings or ignorance about the needs of the business. Good to see that you found them and hopefully your comments and thoughts on the matter were taken to heart by the keepers of the keys.
    • Thanks for your kind words, sadly in one of my examples little has changed since I was there.The culture needs to shift first and that’s often a step too far.