Audit data and Configuration changes in SuccessFactors

Hi Everyone,

Hope everyone is staying safe and healthy

I have decided to write this blog  post on one of the salient and an imperative feature of SAP SuccessFactors- “Change Audit reports”. We all know the importance of audit in any organization, especially when working with Government data or any other sensitive personal information of the employee. However, this could be a complex process when the number of employee increases or the company has been established in many geographical locations with each city having its own policies.

Having said this, it is very much necessary that we keep track of what changes are being made at both configuration and data level. We should also be able to generate reports and submit to the audit team with click of a button.

SAP SuccessFactors’ Change Audit report is one such feature that provides you the Audit at both Configuration level , data level and even audits the Role permission changes.

Though there are other options like Check tool or Reports, Change Audit report would be the center idea of this blog post.

 

Types of Audit

 

Pre-requisites

 

1.Provisioning

You have to enable the following checkboxes in the provisioning system

Role Based Permissions

Enable Generic Objects- MDF

 

2.RBP Permissions

Once you have enabled the access in provisioning, follow the below path to provide necessary permissions.

Admin center->Manage Permission Roles->Select your desired Role->Under Administrative permissions->Select Admin center permissions.

Enable the below highlighted permissions.

 

 

3.Manage Audit Configuration

Next step is to navigate to Admin center -> Manage Audit Configuration and enable the below  buttons.

 

Personal Data Audit- This is for Data level changes

General Audit- This is for configuration data or business data reports.

Manage Audit Configuration

After enabling the button, click Save.  After about 24 hours or so, you will receive a mail informing you that the Change Audit feature has been activated in your system

Kudooosss…. !!!!

We are all set to use this feature.

Change Audit Reports

 

Now navigate to the Admin center-> Change Audit Reports

Let us first explore the Personal Data Report

Change Audit Configuration

 

Person Search

Click on the Person Search Tile , a pop up opens as shown below.

Select “Change On Subject User” when you would like to audit changes of an individual employee

Select “Change by User” when you want to audit the changes made by an individual employee or internal candidate to other people’s personal data.

Personal Data Report

 

Enter the Person name and select the modules as per the requirement. Once you select the modules, the Functional Areas will be automatically selected by the system. You can however, add or remove as per the requirement.

 

Select the Time range  not exceeding 7 days, as this is the limitation of Change Audit features. If you want a month’s audit report or so, you may have to generate multiple reports by selecting the Time range suitably.

You Can also generate the report on recurring basis by enabling the Recurrence button. Either downloading the File offline or directly sending the file to your SFTP cloud storage.

 

 

Once you have entered the necessary details, click Submit.

You could always track the status of the job under the Access Reports Tab. You would receive an email with the report download link .

 

Access Reports Section

 

A sample report is given below.

 

Change Audit Report

 

Source of the above table: www.help.sap.com.

 

You can apply the same method to extract the changes made by the External users or Onboardee as per the requirement.

                                                            External Candidate Changes

 

The Change audit configuration on Business data and configuration data will be covered in my next blog post.

 

https://blogs.sap.com/2021/06/13/configuration-audit-report-provisioning-system-rbp-and-mdf-objects/

 

I hope most of you would have got to know about this salient Change Audit report feature of SuccessFactors. This tool would really come handy when you decide to audit the changes made in the past.

 

Limitations

• Audit reports can be generated for a maximum time period of only 7 days at a time. We may have to create multiple reports if our audit requirement is for more than 7 days.
• Some types of change audit data can take up to 72 hours to be made ready for reporting. Solutions impacted by this delay include: Compensation , Performance & Goals , Succession & Development (except Mentoring), Employee Profile, User Management, Proxy Management, and Role-Based Permissions
• Audit reports are automatically purged after 48 hours. So, if we miss to download the report within 48 hours, then we may lose the report and have to generate again.
• Storage limit for reports are exactly 1 GB
• Field values in change audit reports can’t be more than 4000 characters. Longer values are truncated.

EDIT:

The report generation period has been extended from 7 days to 30 days from the recent Release.

References

https://help.sap.com

https://launchpad.support.sap.com/