S/4HANA Migration testing – ComplianceNow is ready to support your company
The S/4HANA ball is slowly starting to roll off the ramp and our many dedicated customers and partners are starting to ask us if we can support their upcoming authorization testing related to migrating to S/4HANA. Whether we can handle the complexity of both backend and Fiori authorization errors?! The short answer is YES! Now we can.
Do we need to test migrating to S/4HANA?!
Will the migration to S/4HANA be a greenfield or a brownfield implementation? Is Fiori included in the setup and to what extent? What impact does S/4HANA have on the authorization concept? – do we need to redesign the roles, enabling adoption of the new best practice processes which part of the users access through the Fiori layer? Does this demand a full scope authorization test, a task that easily absorbs the time of the functional test team for anything from 6 to 12 weeks!?
What the impact, need and effort of implementing S/4HANA, is still uncertain in many companies. Since 2017 the ComplianceNow Team has been through the process of analyzing the influence of S/4HANA in the ComplianceNow product suite and created a roadmap on how to support the new technology introduced with S/4HANA. Last year we announced a full redesign of Authorization Process Manager which was needed to shape up the product for the future.
S/4HANA has not been an easy nut to crack, but in July 2019 we were pleased to share the new S/4HANA Fiori enhancement to the testing component Authorization Process Manager, also called APM.
Introduction of Fiori to the SAP compliance palette
With S/4HANA the SAP Authorization concept will be extended to handle access via Fiori Apps.
First, the Fiori App is activated through “Service Calls” in the frontend, this will call a screen, which normally in the backend is supported by one or more transactions codes. Service Calls will be controlled by objects and field values as we know it from transactions codes. So far, the Fiori catalog counts more than 3.000 standard apps, which compared to the number of transactions codes in the backend are not that many. The expectation is therefore that the authorization concept including the traditional transactions codes, and now the Fiori layer, together will result in much more complex functionalities, to support both transactions codes and the access to the Fiori LaunchPad.
APM now supports Fiori role testing
Testing of authorizations through the Fiori LaunchPad is the key point of this update blog. The thing is, that suddenly we need to handle authorization reporting in multiple layers. So, if you thought the task of authorization testing was complex and time-consuming in ECC, there is a good chance that including Fiori authorization errors will, if possible, stretch this experience.
The testing through the Fiori Launchpad will be challenging since you will need to keep track of authorization errors partly in the Fiori layer and partly in the backend layer and then together. This will, without doubt, be yet another stress test of the cooperation between the testers and the authorization team getting an acceptable flow and process of the error handling process.
The good news is, that Authorization Process Manager (APM) is now extended to support Fiori authorization error reporting as well as error correction simultaneous in both layers. (If you do not know the concept of APM I will suggest that you scroll down and read the last section of this blog.) This means that when a tester is testing through the Fiori Launchpad and is stopped by an authorization error, the tester can directly, in the Fiori Launchpad report the error to the authorization team and hereafter update the missing access enabling the continuation of the test. We have created an APM Authorization Error Reporting App enabling the Fiori tester to do fast-track authorization error reporting and update of test access. This will not only save a lot of time for the testers, but it will also ease the process of getting the authorization error reported to the authorization team in the right quality and in a timely manner.
More precisely, what happens when an authorization error occurs in a Fiori app?
When the tester is stopped by lack of authorizations in a Fiori App the tester switches to the Fiori APM Authorization Error Reporting App. Reporting the error is handled easily in a few seconds and when submitted by the tester, APM captures the authorization error in both the Fiori layer as well as in the backend layer.
The information will be forwarded to the APM Authorization Cockpit for later analysis and correction of the relevant role were the access is missing. In the background, APM will update the testers personal privileges with the missing authorizations (object and field values) in a temporary role assigned to the test ID. Now the tester can return to the Fiori Launchpad, to the Fiori App and then continue the functional test.
With the authorization error support of both the Fiori layer and the backend S/4HANA system, the actual intermission of the tester is reduced to seconds. The complexity of the error reporting has been simplified, removing the possible frustrations from both the tester as well as the authorization team supporting the test.
Throughout the years, the Authorization Process Manager (APM) has been used by +100 companies internationally to speed up the process of authorization- and functional tests. Especially in projects driving implementation of SAP and redesign of authorizations APM has shown its strength in eliminating the ever returning bottlenecks related to authorizations. In the wave of S/4HANA migrations approaching APM will be back eliminating risks and saving critical time in projects.
If you do not know the concept of authorization process manager – Read below
Authorization testing has always been a huge struggle for most companies implementing new roles or changing the existing roles. The reason for this is that it is impossible to avoid time-consuming tests of all roles and transaction codes to verify they work and support the business process. Secondly, testing a role concept consisting of anything between 600 and 1,500 transaction codes will unavoidably result in many authorization errors needed to be processed during the test.
The result is a slow-moving test, huge time consumption, exceeded deadlines, frustrations and authorization roles that every so often will be released for production without being tested. Having seen this scenario being played out in project after project leads to the idea of making a solution that could resolve the problem as soon as it appears.
The Authorization Process Manager from ComplianceNow is designed to deal with these challenges by making the process of a testing run more efficiently and to reduce the cost of testing as well as the risk of project postponements due to authorizations. Thus, you avoid the frustration and having to waste resources on carrying out authorization tests as well as the hassle of SAP Authorization transactions and other obstacles you may be all-too-familiar with in your day-to-day work with SAP. With Authorization Process Manager, the authorization specialists and testers work independently and report changes and errors in a new, simple and intuitive way. Using the test container functionality, the user can report authorization errors and continue to work because the missing authorization is added to the user’s test container. Afterward, the authorization specialist can evaluate if any missing authorization is needed in a role. Consequently, the user does not have to wait for the authorization specialist to update the role.
Follow us on LinkedIn and get instant access to our latest articles and posts on SAP and compliance.
Interested to learn more….?
We always look forward presenting Authorization Process Manager to present customers, possible new customers, partners and network. So, if you want to learn more, have questions or would like to see a live demo of CN Authorization Process Manager please contact us.