Question:
Hi,
Our company (Over 800 users) is undergoing auditing and a question that has arisen by our management team about Batch Jobs.
My question is to all people of all compaies. Do you let your users schedule their own jobs or do you (Basis) keep the control for releasing jobs and scheduling when they are run?
We are unsure whether to restrict release capability down to our basis people. Is this a practice which is common in order to keep control of reports/programs.
Thanks,
SAPTastic
Answer:
My question is to all people of all compaies. Do you let your users schedule their own jobs or do you (Basis) keep the control for releasing jobs and scheduling when they are run? You WANT users to schedule jobs, you can have it perfromed either through SAP ( SM36, SM37, Pull-down menu on a report, etc) or in an external system.
SAP was purchased for transaction processing and if you do not let the users schedule their jobs they will run them on-line blocking critical dialog processes to run batch jobs rather then having them free for transaction processing. There is a STRONG need for your company to TRAIN the user in the proper scheduling to ensure varients are specified correctly and USE them. It is Basis's job to monitor the processing and ferret out the troublesome jobs and work with the user to correct.
NO USER should have S_BTCH_ADM and only have S_BTCH_JOB so Basis can control When and where these jobs run. With S_BTCH_JOB the user can ONLY schedule the job in calss C and BASIS controls when and where 'C' class jobs are run, leaving the other PRODUCTION jobs to run in preference ( scheduled in class A).
THe Auditors should be more concered about Business Disruption (caused by users running the report on-line) and Which reports a user can run. the chances are your system is not conntrolling the execution of all reports in SAP . Security is potentially allowing the user to run any report of their choosing without knowing it.
THe only 100% sure method is to place an auth group on EVERY report in the system , some 25,000+., but you must know what you are doing .