Monitor Sensitive Fields with R/3's Dual Control Functionality

  • by Dr. Stef G.M. Cornelissen, MBA, SAP Business Consultant, Sperry Partners BV
  • October 15, 2004
The standard SAP dual control principle imposes segregation of duties for changes to sensitive fields while allowing changes to be made by one person to non-sensitive fields.
Key Concept
Dual control functionality forces changes made to sensitive fields in customer and vendor master records always to be checked by another authorized employee. Even if two people are both allowed to change a bank account and to approve changes, they still cannot approve changes that they created themselves.

Administrative organization in R/3 typically works with static authorization and segregation of duties. However, strict application of these principles in low-headcount organizations is difficult and can lead to a lack of proper control. Dual control offers an effective tool to provide four-eye control on all sensitive changes to customer and vendor master records, while allowing a more widespread authorization for non-sensitive corrections.

Classic guidelines for the separation of duties within accounts receivable (FI-AR) and accounts payable (FI-AP) master data maintenance focus on payment- and credit-related fields in vendor master records:

  • Users should not be allowed to create and modify master records and post transactions at the same time. Users who can maintain vendor master records and post transactions (invoices and payments) could create a fake vendor record and pay a fictitious invoice without detection. If these duties were separated, this fraud could only be accomplished with the collusion of two personnel. Another example is replacing a vendor bank account number with a privately owned bank account and entering fake invoices.

  • Credit management should be separated from master record maintenance in FI-AR. This prevents the master record clerk from creating a fake customer master record and granting credit to it, allowing uncontrolled shipments to nonexistent customers.

These guidelines work well in organizations that have large enough headcounts in finance to distribute and segregate tasks, but what if you are running a lean administration? I will explain the use of dual control in R/3 as a method that guarantees four-eye control even in smaller companies. Dual control achieves the same results as full segregation and prevents the everyday occurrence of circulating passwords and user IDs.

Although this functionality (which defines sensitive fields in Customizing) has been available for quite some time, I have not seen it used frequently, presumably because it is not well known. I will give you the basics on its use and customizing. After you implement it, an authorized clerk can still change a sensitive field as defined in Customizing. However, the change only takes effect after an authorized colleague has approved it.
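The rule described above can also be checked independently over exported change records. The following audit sketch is an added example, not code from the article or from SAP; the record layout, the field names chosen as sensitive, and the user IDs are assumptions, and the sample records are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Assumption: fields this site has defined as sensitive in Customizing.
SENSITIVE_FIELDS = {"LFBK-BANKN", "LFBK-BANKL"}
# Assumption: users authorized to approve changes to sensitive fields.
APPROVERS = {"ANNA", "BEN"}

@dataclass
class Change:
    vendor: str
    field_name: str
    changed_by: str
    confirmed_by: Optional[str] = None  # None = not yet approved

def _uid(user: Optional[str]) -> Optional[str]:
    """Normalize a user ID so 'ben ' and 'BEN' compare equal."""
    return user.strip().upper() if user else None

def audit(changes):
    """Return (vendor, field, finding) for each sensitive change lacking four-eye control."""
    findings = []
    for c in changes:
        if c.field_name not in SENSITIVE_FIELDS:
            continue  # non-sensitive: one person may change it alone
        maker, checker = _uid(c.changed_by), _uid(c.confirmed_by)
        if checker is None:
            findings.append((c.vendor, c.field_name, "pending"))
        elif checker == maker:
            # Being authorized to approve does not permit approving one's own change.
            findings.append((c.vendor, c.field_name, "self-approved"))
        elif checker not in APPROVERS:
            findings.append((c.vendor, c.field_name, "unauthorized-approver"))
    return findings

# Constructed sample records (not real data).
SAMPLE = [
    Change("V1000", "LFA1-TELF1", "ANNA"),          # non-sensitive field
    Change("V1000", "LFBK-BANKN", "ANNA", "BEN"),   # proper four-eye approval
    Change("V2000", "LFBK-BANKN", "BEN", "ben "),   # approver is the maker
    Change("V3000", "LFBK-BANKL", "ANNA"),          # still awaiting approval
    Change("V4000", "LFBK-BANKN", "ANNA", "CARL"),  # approver lacks authorization
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A "pending" finding is a change that has not yet taken effect; the other two findings should not appear while dual control is working as described.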

Dr. Stef G.M. Cornelissen, MBA, is an experienced international SAP business consultant from the Netherlands with certifications in FI, CO, and SD. He took part in important international projects involving the large Dutch multinationals. Before specializing in SAP, he worked as a management consultant and was a senior advisor to the Board of Directors of the University of Nijmegen. Stef's academic background is in business administration, economics, and organizational science. He is the owner of Bowstring BV and principal partner at Sperry Associates.


8/30/2013 1:52:15 AM

Good article explaining the features and configuration for dual control. Would have been useful if the following was also covered:
1. What happens on rejection of the changes?
2. How to configure customer master/vendor master fields not existing in T055F, e.g., Withholding Tax indicator.
