Authorization Objects and Enhanced Authorization Check in SPL
About the Document
The document provides an overview of authorization objects in GTS and Enhanced authorization check in Sanction Party List Screening.
Table of Contents
- Business Scenario
- Solution Overview
- Overview of Authorization objects in GTS
- Enhanced Authorization check in Sanction Partly List Screening Area
- Master Data Settings for Enhanced Authorization Check
- Display Business Partner Assignment with FTO
- Additional Information
Business wants to have separate authorization based on FTO i.e. users from FTO ABC should not be able to display or release documents of FTO XYZ and vice versa. Business also wants that compliance manager of FTO ABC should not be able to display and release blocked BPs of FTO XYZ and vice versa.
SAP GTS comes with several authorization objects which can be used to separate the responsibilities and roles clearly based on certain authorization objects e.g. FTO, Legal Regulation etc. We will see how we can utilize these standard authorization objects to meet the business requirement.
GTS also comes with extended authorization check functionality in Sanction Party List Screening area. We will explore how we can utilize the same to meet the business requirement
Overview of Authorization Objects in GTS
GTS provides a number of authorization objects which can be used to segregate roles and responsibilities based on objects like FTO, Legal Regulation, Administrative Unit, Document Type etc.
Some of the standard authorization objects are, but not limited to, GTS_CD_FTO, GTS_CD_LRG, GTS_CD_CDT etc.We can use these authorization objects to restrict users from displaying customs document in GTS if they don’t belong to that FTO, for instance.
For the given business requirement in our example, where business wants to restrict the display and release of customs documents in GTS based on FTO, we can use the authorization object GTS_CD_FTO. Once we have restricted the authorization based on this authorization object, users will not be able to display and release documents of any other FTO than the one assigned to them. In such cases, they will receive the error that “No Data Found; change the selection criteria’ as shown below, if they try to display customs document of any other FTO.
Enhanced Authorization Check in Sanction Party List Screening Area
GTS comes with enhanced authorization check feature in Sanction Party List Screening Area. If this check is activated in customizing, system will also check FTO assigned to the user before performing Sanction Party List Screening for a Business Partner. This can be activated at business partner function level in customizing in below SPRO path:
Global Trade Services -> Compliance Management -> Activate Business Partner at Business Partner Function Level
Select the BP role for which you want to activate this check and click on the check box “Enhanced Authorization Check in Sanction Party List Screening Area”
Master Data Settings for Enhanced Authorization Check
Once you have activated enhanced authorization check, it is important to assign FTOs to Business Partner in GTS in order for system to recognize which Business Partner belongs to which FTO. The same can be done at below path:
GTS Menu -> Sanction Party List Screening -> Master Data -> Business Partner
Here you can get following options to assign Business Partners to FTO. You can assign Customers, Vendors, Employees and General BP to FTO, for instance Assign Customer to Foreign Trade Org.
Enter Logical System Group and Foreign Trade Organization:
System will propose all the list of assigned and unassigned customers for given FTO which you enter on initial Screen. Just click on save button to do the assignments.
Icon means customer is not assigned to FTO (assignment in initial)
Icon means customer is assigned to FTO
Use this button to reset the assignment
Click on save button. System will do the assignment
Display Business Partner Assignment with FTO
Once you have done the assignments, you can display the assignment in various standard reports as demonstrated below for report “Display Business Partner of Negative List”
Execute report “Display Business Partner on Negative List”. You can filter the report based on FTO as well.
Select the Business Partner and click on highlighted icon
It will show the assigned FTOs as shown below
When you transfer Customer/Vendor etc. from ECC to GTS, system automatically copies the assignment of business partners company code assignment from ECC to relevant Foreign Trade Organization in GTS. The same can be found in table /SAPSLL/PARMA in GTS.
We have seen the standard authorization objects that can be used to restrict the display and release of customs documents in GTS. We have also seen the concept of enhanced authorization check in Sanction Party List Screening area in GTS. We have seen how to maintain the assignment of FTO with business partner in GTS.
Kindly provide your feedback on this document and this standard SAP functionality if you happen to implement it for your customers.
Keep it up your interest on posting new things here what you know..... 😘 🙂
Thanks Venu for your feedback
Very useful document vaibhav , keep it up .
Thank you Raghavendra for your feedback
Could you please tell us where we can restrict the authorization object GTS_CD_FTO.
Thanks a lot.
Venu Gopala reddy.
it has to be set by security guys in t-code PFCG for role maintenance.
i use to read your documents and solutions in my free time. this is very good document and really helpful for learners like me.
Thanks Srinivas for your feedback
Nice one Kul...very informative.