I have just spent the week at the SAPInsider Financials2013 conference held in Las Vegas and organized by WISPubs. SAPInsider is the premier SAP focused conference track for all things SAP and the Financials show is one of the highlights of the SAP Finance related calendar. Attending the Financials conference is always an opportunity to have a number of different conversations with different stakeholders in the SAP world and in particular this year there was a strong focus on controls, audit, compliance and generally keeping your SAP systems safe.
I was particularly interested in conversations with customers and prospects alike who have challenges with being prevented from performing mass actions in their SAP environment. Access to mass transactions tends to be restricted because there is some illusion that entering data manually through the transaction numerous times is safer than running a mass action that could potentially break dozen, hundreds or thousands of records, or worse, create garbage records in your system that are almost impossible to get rid of or correct. The fear of mass transactions is understood but withholding access is not well understood given that IT and the auditors don’t own the business data and the business is ultimately responsible for making sure that the SAP data is correct, present and all accounted for. Worse, delays in changing data can lead to profoundly negative outcomes for the business, far worse than the risk of some of the minor errors that may arise from the incorrect use of a mass tool.
SAP is many things to many business users, but one thing it definitely cannot be described as, is an application platform that is easy and forgiving to use. A certain modicum of proficiency in navigating transaction screens, application logic and the UI as a whole is accepted to be a requirement for effective use however there are a great many inefficiencies in the way the application is presented to the ordinary user. Recent developments in UI optimization have attempted to remediate the situation but on the whole the experience is still sub par and the gap continues to widen as business users come to expect more and more with a richer and more sophisticated experience.
The enhancements to the user experience still do not address the mass actions that business users may need to perform and as a consequence business users are often left with a very limited list of options for performing mass actions against SAP systems.
One approach is the deployment of custom code that allows the mass actions to be performed based on a data input file. The latter is often a text file and the automation code is often of a very fixed and rigid nature. This fixed characteristic may achieve the objectives of the day but in the long term as the requirements evolve and in fact further requirements arise, the custom application may prove to be more of a problem to maintain than initially thought.
A second option that the business may want to consider is the use of 3rd party tool for mass loading of SAP data. This 3rd party tool can use the existing security authorizations and existing transaction processing logic that a user might use when posting the records manually into SAP however it can be enhanced further applying workflow wrappers to the end to end process so that there is visibility into the data activities that the business intends to apply to the system of record. Of perhaps distinctive interest is the fact that the workflow wrappers need not be exclusively exposed to business users but can also be provisioned in such a way that folks from SAP Security, SAP IT and any internal controls or audit group, can weigh in and add their voice to any given planned action.
SAP doesn’t natively support the use of workflow with mass transactions without special configuration but with the use of 3rd party applications, particularly those that ruin atop SharePoint, it is possible to still achieve business efficiency and yet still maintain governance, control risk and ensure compliance.