SAP S/4HANA Cloud, Public Edition – Change Management
All changes to a software system, which have an impact on financial accounting functionality, must be tested by customers to ensure that such changes do not affect their system in a negative way. In the case of an audit, customers are responsible to prove that they regularly test the impact of changes to their system and adapt to changes to APIs, processes, and configuration settings.
There are several major reasons for such changes to a system:
- A new release of the software product
- Changes to the business configuration of the software product
- Changes to business roles of the software product
- Changes to extensibility
This blog post explains those reasons and provides details how they are handled in SAP S/4HANA Cloud, Public Edition, in case of an audit.
As with the rest of this blog series, this post focuses on the current release of SAP S/4HANA Cloud, Public Edition, which is available either with a two-system landscape (2SL) or with a three-system landscape (3SL).
The older two-system setup offers customers a Quality (Q) system and a Production (P) system. In the Q-system changes are performed and tested. If tests are successful, these changes are transported to the P-system running in productive mode.
The newer three-system setup consists of a Development (D) system, where customers can initiate / develop their changes, a test (T) system to further test them before transporting them to their P-system.
A new release of the software product
Now, let’s directly go on with the first reason, a new release of the software product, here SAP S/4HANA Cloud, Public Edition.
The release and update cycle of SAP S/4HANA Cloud, Public Edition, currently distinguishes between releases twice a year and updates, where additional new features and important fixes are introduced each month. Q/T-systems are upgraded first, with P and D-systems being upgraded two weeks later. Customers are notified via email six weeks before the upgrade of the Q/T-system and they should use this opportunity to test how the new release or new updates affect their system.
More details about upcoming features can be found in the SAP S/4HANA Cloud, Public Edition, SAP Activate Roadmap Viewer and more information about the upgrade schedule can be found here for 2SL and here for 3SL. In addition to that, the SAP S/4HANA What’s New Viewer provides insights about the most recent changes to the system’s functionality and the S/4HANA Cloud Release Assessment & Scope Dependency Tool provides help to visualize scope dependencies.
Within the SAP S/4HANA Cloud, Public Edition, system, SAP Fiori app F5641 – What’s New also provides details on system changes.
Changes to the business configuration of the software product
The second reason for changes to a system relates to changes to the business configuration.
Business configuration changes, of course, must be properly tested to ensure inadequate changes that might affect financial accounting functionality are not transported to the P-system.
There are some differences between a three-system and two-system landscape setup as well as usage of SAP Central Business Configuration (CBC) compared to SAP Solution Builder.
SAP S/4HANA Cloud, Public Edition, three-system landscape with CBC
Business configurations are done in the SAP Central Business Configuration (CBC). CBC has a separate entry link. This link can be found in the SAP Fiori app F1241 – Manage Your Solution. Through an Implementation Project in the D-system, it is possible to make configuration changes and transport them to the T- and the P-system.
In the T- and P-system SAP Fiori app F6072 – Collection Import Change Log is available, to check who made which changes to the business configuration. The app does not show the business configuration changes directly, instead you need to schedule a job that will collect the business configuration changes based on transport requests or time period.
Some configuration settings cannot be transported from the source system (D-system), they must be manually maintained again in the target system (T- and P-system) after the configuration transport has been imported.
This kind of activity is called Manual Rework activity. These activities must be checked and executed in the target system. This must be done whenever configuration settings have been transported, for example, after initial implementation scope and scope enhancements (new country, new scope items). More information regarding Manual Rework activities can be found here.
SAP Fiori app F4327 – Business Configuration Change Logs provides an overview on such changes done locally in a system.
SAP S/4HANA Cloud, Public Edition, two-system landscape with CBC works the same, except the D-system is missing. Configuration changes are done in the Q-system and then transported to the P-system.
SAP S/4HANA Cloud, Public Edition, two-system landscape with SAP Solution Builder
In a two-system landscape with SAP Solution Builder, SAP S/4HANA Cloud, Public Edition, makes use of Self-Service Configuration User Interfaces (SSCUIs), that help customers to adapt pre-configured and activated SAP Best Practices processes. SSCUIs ensure, that SAP can do configuration upgrades without overriding the customers’ changes.
For example, it is not possible to make changes to the company code in the P-system. In a so-called “Configuration Sprint”, changes are clustered as Business Change Projects (BCP) to be performed in the Q-system first and then be transported to the P-system.
A change log is available for individual Web GUI SSCUIs in the Q-system. It is not available for SAP Fiori SSCUIs yet. Some Web GUI SSCUIs must be manually redone in the P-system. The change log is available in the P-system for these SSCUIs but not others.
A thorough explanation how to process manual rework activities can be found here.
To check changes to SAP Fiori apps, either transported or locally made changes, apps F6072 – Collection Import Change Log and F4327 – Business Configuration Change Logs are available as well in a two-system landscape.
Changes to business roles of the software product
The third reason for changes to a system relates to changes to the business roles.
Like changes to the business configuration, a transport of changed business roles is possible from Q-system to P-system.
SAP Fiori app F1492 – IAM Maintain Business Roles provides a list of changes to business roles, after an upgrade, too. Once a change has been checked, the entry disappears from the list. Thus, this app provides a working list of all changes to business roles after an upgrade.
Changes to extensibility
The fourth reason for changes covers various options regarding system extensibility in SAP S/4HANA Cloud, Public Edition, i.e., key user extensibility, developer extensibility, and side-by-side extensibility.
Key user extensibility offers to enhance certain SAP Fiori apps with specific fields defined by SAP. Developer extensibility allows customers to access data defined by SAP to use in functionality they developed on their own. Lastly, side-by-side extensibility enhances features of SAP S/4HANA Cloud, Public Edition, with functionality available on SAP BTP.
For an IT audit, the goal in this case is to test system extensibilities before they reach the P-system to reduce the risk of such system extensibilities to change business functionality and thereby affect proper accounting principles. Because of this, changes to system extensibility must be properly tested as well.
There are various SAP Fiori apps to check if specific system extensibilities are used by SAP S/4HANA Cloud, Public Edition, customers, for example F2450 – IAM Information System.
The management of system changes poses an integral part to ensure financial accounting functionality is working properly. In case of an IT audit, evidence must be provided to prove proper measures are in place to ensure proper accounting principles are working as intended. This blog post provided an overview of the change management capabilities of SAP S/4HANA Cloud, Public Edition.
To read all upcoming posts in this series, please follow the S4HANACloud audit tag we’ve created for this purpose.