GDRP Change Logging & SuccessFactors Employee Central Change Audit
Background: In my last blog, I have discussed on the GDRP Right of access by the data subject & SuccessFactors Information Report. In this blog, I am going to provide some basic step detail to address the “Change Logging” functionality of GDPR. For “Change Logging” functionality SuccessFactors has provided the functionality called as “Change Audit”. Change Audit is very simple to configure, just we have to provide some additional access in role.
Step 1 (Permission): Provide permission to the role for which you want to grant the Change Audit Report access. Relevant permission is provided below.
Step 2 (Activate): Activate the Change Audit. Path Admin Center –> Manage Audit Configuration.
Step 3 (Create Report): Navigate to Admin Center –> Change Audit Reports –> Create Personal Data Report. ( For Employee Central Reports)
In Admin Center –> Change Audit Reports we have 3 different options like Create Personal Data Report, Create Configuration Data Report & Access Reports.
Create Personal Data Report has 3 options. Person Search, External User Search & Onboardee Search (not present in the below screen shot below as Onboarding is not activated in my demo instance). For Employee Central “Person Search” is relevant.
Sample Input Screen for Person Search
Activity: For Person Search, we have 2 different activities; Change On Subject User & Change By User. Change On Subject User is used to check what changes have been done for Subject User & Change By User shows what changes is done by User & for whom the changes have been done.
Person: Provide the name of the person from whom you want the audit report.
Modules: In the modules, it shows different SuccessFactors Module. Select the relevant module as per your need.
Functional Areas: Based on Module Selection Functional Areas are populated. Select the relevant Functional Areas as per your need. Functional Areas are filtered based on Module Selection.
Time Range: Provide the range for which you need the Audit Report. We have a limitation on Time Range. In time range maximum, we can use 3 days’ interval. If the Time Range is more than 3 days, then it gives error message.
In case if you need more than 3 days’ change history then break the reports in different parts. Say for example if you need 9 days’ audit report then you can create 3 reports for 3 days each.
Step 4 (View Report): Navigate to Admin Center –> Change Audit Reports –> Access Reports.
Sample Report log:
Downloaded Sample Report.
In the report, it shows what value was changed at what Time Stamp. It shows what was the Old value & what is the New Value of field which is required as per GDPR Change Logging.
You have articulated very well. I have followed the same steps to generate audit reports. However, the reports are not populating with the data. I am getting the empty reports.
Great blog. Do you know if it's possible to schedule these reports to run on a daily basis? Also, how long is the data kept by SAP before it's deleted?
Is this funationality available for sales demos?
I've checcked two sales instances and can't see Manage Audit Configurations!
Thanks & regards,