Skip to Content
Personal Insights
Author's profile photo Hari Bhaskar Bhoopathy

Configuration Audit report- Provisioning System, RBP and MDF Objects

Hi Everyone,

Hope you are doing good !!

If you haven’t read my previous blog post titled  “Audit data and Configuration changes in SuccessFactors, please read it as this blog post is the continuation of my previous blog post on Change Audit report feature.

The prerequisites, required permissions and other stand procedures to use this feature has been explained in detail in my previous blog. So please visit the link given below before proceeding to this blog post.

Previous Blog post:

https://blogs.sap.com/2021/06/13/audit-data-and-configuration-changes-in-successfactors/

In this blog post, I have covered the idea of auditing configuration changes in SuccessFactors.

  • RBP Changes
  • Provisioning Changes
  • MDF Configurational Changes

 

Configuration%20Data%20Report

Configuration Data Report

 

Role Based Permissions

In any organization, authorized usage or access permission is very critical and sensitive. For instance, what role has been modified and when it has been changed, which access permissions has been added/removed all have to be carefully audited and reviewed.

This feature comes handy when we need to generate report on the changes performed in RBP section.

RBP%20Reports

RBP Reports

 

Once the request is saved, navigate to “Access Reports” section to download the report.

RBP%20Reports

RBP Reports

 

In the above report, if you could see the operation performed column are given in notations.

So, here I am listing out all the important notations used under Operation tab.

U– Update

I–  Insert

D– Delete

EDD– Effective Dated Deleted

EDU– Effective Dated Update

 

MDF Configuration Data

This feature is used to audit all the changes performed under Object configurations.

All the custom Meta Data Framework object changes can be captured at the configuration level.

MDF%20Configuration%20Data

MDF Configuration Data

MDF%20Configuration%20Changes%20report

MDF Configuration Changes report

 

Provisioning System Changes

As per SAP standards, provisioning access is limited to only SAP partners and consultants. However, Clients can always audit the changes made by their supporting consultants via this feature.

Provisioning%20Settings%20Audit%20report

Provisioning Settings Audit report

 

Enter the Time range as per the requirement.

Select%20the%20Time%20Period

Select the Time Period

 

Navigate to “Access reports” section to download your report

 

Access%20the%20Provisioning%20Changes%20report

Access the Provisioning Changes report

 

This way we can audit sensitive and critical changes performed in the provisioning system.

 

Business Data Report

Similarly you can select “Business Data Report” option and audit the changes performed by the users in MDF change history sections or audit the employee profile page changes.

Business%20data%20changes%20report

Business data changes report

 

Please note that , any report that is generated should be reviewed within next 48 hours from the job successful notification. Otherwise, the report will be purged from the system and the below message will be shown.

Report%20Purged

Report Purged

 

I hope this blog post would have helped you to understand more about “Change Audit reports” feature and its functionalities. This tool could be used across different Employee central and platform areas to audit the changes at both data and Configurational levels.

Limitations

Audit reports can be generated for a maximum time period of only 7 days at a time. We may have to create multiple reports if our audit requirement is for more than 7 days.

Some types of change audit data can take up to 72 hours to be made ready for reporting. Solutions impacted by this delay include: Compensation , Performance & Goals , Succession & Development (except Mentoring), Employee Profile, User Management, Proxy Management, and Role-Based Permissions

Audit reports are automatically purged after 48 hours. So, if we miss to download the report within 48 hours, then we may lose the report and have to generate again.

Storage limit for reports are exactly 1 GB

Field values in change audit reports can’t be more than 4000 characters. Longer values are truncated.

 

References

https://blogs.sap.com/2021/06/13/audit-data-and-configuration-changes-in-successfactors

https://help.sap.com

https://launchpad.support.sap.com/

Assigned Tags

      3 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Curtis Berger
      Curtis Berger

      Hari:  Great stuff, here.  Quick question, I have a client that is looking for an audit report on Provisioning Access (granted and accessed) for the duration of their contract.  Would the steps listed in your blog(s) yield the info. they're looking for?

      Author's profile photo Hari Bhaskar Bhoopathy
      Hari Bhaskar Bhoopathy
      Blog Post Author

      Hi Curtis,

      Thanks for your response.

      The steps listed in this blog would give us only the changes performed by the login users during a time period. I would say this might not be a ready report  to fulfil your requirement but can be used as a work around.

      That is by entering a desired period , you can fetch the login user info on that particular period and this way you might fetch the details of all those who have logged in during the contract period.

      Also, you can navigate to "Manage Provisioning Access" from Admin center to Add/Remove or view  user's access to provisioning, but even in here we don't have the option to filter out based on some time period.

      Thanks

      Author's profile photo Curtis Berger
      Curtis Berger

      Hari,

      Thanks for the response and guidance.  I believe there's an ISO certification driving this ask.  Time periods will become the main issue.

      I believe that operations can deliver reporting for lengthier time periods.  I'll be traveling that route, shortly.

      thanks!