UI Data Protection – How to protect sensitive data in Long Text controls in SAP GUI Transactions

Governance, Risk, Compliance (GRC), and Cybersecurity, SAP S/4HANA

Introduction In this blog, as an example, we will be showing how a Long Text field can be protected in MM03, ME23N, and ME53N transactions. Purchase Order Text A Purchase Order Text is a text describing the material in more detail. This text is subsequently copied to purchasing documents (such as purchase requisitions or purchase […]

Continue reading


Mitigation Controls creation and assignment in SAP GRC 12.0

SAP Risk Management, Governance Risk Compliance (GRC) and Cybersecurity, SAP Access Control, SAP Risk Management for SAP S/4HANA

Purpose of the document: Creation and assignment of Mitigation Controls in SAP GRC 12.0. This document describes the Mitigation configuration proces in GRC12 Access Control in very simple and easy way. What is Mitigation? The Mitigation allows you to mitigate certain risk violations that you want available to specific users or roles. This is done […]

Continue reading


UI Data Protection – How to use Recording Tool for masking in Analytical Queries

SAP Analytics Cloud, Governance, Risk, Compliance (GRC), and Cybersecurity, SAP S/4HANA

Introduction Recording Tool is used to store the Technical Address Entries for UI fields. It is used to activate recording for one or more users for specific timeframes. During this time, the system will record the technical addresses of the UI fields that the user accesses. It is used to track the users who have […]

Continue reading


Attribute Based Access Control (ABAC) – Data Blocking Configuration to protect Sensitive Business Partners from Unauthorized Users

UI data protection masking for SAP S/4HANA, Governance, Risk, Compliance (GRC), and Cybersecurity

Introduction In this blog post, we will learn how to configure Data Blocking through Manage Sensitive Attributes app provided by UI Data Protection Masking for SAP S/4HANA 2011 solution based on Attribute Based Authorization Control(ABAC) concept. Manage Sensitive Attributes app The Manage Sensitive Attributes application allows you to maintain configuration for UI data protection in […]

Continue reading


Attribute Based Access Control (ABAC) – Data Block scenario in ALV Tree program of SAP GUI

Governance, Risk, Compliance (GRC), and Cybersecurity

Introduction In this blog post, we will learn how to configure Data Blocking through Manage Sensitive Attributes app provided by UI Data Protection Masking for SAP S/4HANA 2011 solution based on Attribute Based Authorization Control(ABAC) concept. Manage Sensitive Attributes app The Manage Sensitive Attributes application allows you to maintain configuration for UI data protection in […]

Continue reading


UI Data Protection – How to protect sensitive data displayed in PDF Forms

SAP GRC, SAP S/4HANA

Introduction In this blog, we will learn how to configure masking in PDF Forms to protect the sensitive information displayed in it. Adobe Forms are used frequently in SAP to generate Portable Document Format (PDF) files of various business documents like Invoices, Order Confirmations, Account Statements, Purchase orders etc. In this blog, we will see […]

Continue reading


Attribute Based Access Control (ABAC) – Field Masking Scenario in Change Log (CDPOS table) in SE16 transaction

S/4HANA, SAP GRC

Introduction In this blog post, we will learn how to mask “New Value” and “Old Value” fields based on “Object Class” and “Field Name” field information of table CDPOS in SE16. “New Value” and “Old Value” fields of table CDPOS in SE16 transaction need to be masked where “Object Class” is “MATERIAL” and “Field Name” […]

Continue reading


Attribute Based Access Control (ABAC) – Mask Identification Number of Sensitive Business Partners based on Users IP Address

Governance, Risk, Compliance (GRC), and Cybersecurity

Introduction As part of this blog, we will compare logged-in user’s IP Address attribute with attributes of data that logged-in user is trying to access. As example, we have considered a scenario where sensitive Business Partners Identification Number data will be masked for logged-in user if logged-in user’s IP Address is in the blacklist. These […]

Continue reading