Skip to main content

«  View All Posts

SAP Finance: The dangers of SE16 transactions in SAP ECC

August 2nd, 2017

1 min read

By David Schenz

no access

I was once asked an astute question in an interview about transaction SE16:

"David, how do you feel about giving end users access to SE16 in SAP ECC?"

My answer to the interviewer was three fold:

  1. End users should not have access to SE16 (or its variants SE16N, SE17, etc) in SAP ECC because the necessary authorizations are not present to limit access to sensitive data. That means end users could have unfettered access to sensitive financials, payroll, human resources, and project information. Depending on the authorizations given,  end users could even change tables and configuration directly. Thus it's not appropriate to give SE16 or SE16N to end users.
  2. Giving table access to end users usually implies that there is a deficiency in the reporting solution. I usually see this scenario where a robust ad-hoc reporting package was not in scope or not delivered. In recent times, it's much better to deliver ad-hoc reporting through SAP Business Objects on top of SAP BW or ECC on HANA than to rely on only ECC ABAP reports.
  3. If all else fails and a reporting solution is not in place in the short term, then there are the old school reporting tools in SAP:
    • A standard transaction can often be manipulated into a 'good enough' solution. That might mean making a new standard layout in FAGLL03 or S_PL0_86000030 in FICO or ME2L or ME2N in procurement.
    • Report painter or :shiver: report writer can be used with either a standard or custom library to build a custom report. Often, there are predefined key figures that can save a lot of trouble. Report writer usually leads to tears of frustration though.
    • SAP Query through SQ01 and SQ02 can be used to join tables together and present a useful layout. SAP Query is very handy for reports without complex requirements.
    • FinallyABAP programs can serve in a pinch for more complex reporting requirements when the above options all fail.

With all of the above options, there is no reason to give end users access to SE16 or SE16n and risk the disclosure of sensitive data!

For more support, contact our team of ERP consultants at erpsuites.com.

David Schenz

David Schenz is a leader in building teams that deliver complex business systems transformations and roll-outs. With nearly ten years SAP experience, he offers deep knowledge of retail accounting processes, insurance accounting, and retail business strategies. As Director at ERP Suites, David guides employees toward a common goal of helping customers achieve optimal success.