Describing the 4-Eyes Principle in Customer Data Maintenance


After completing this lesson, you will be able to:

  • Use sensitive fields to control changes to customers

Sensitive Fields

Changes to the customer master records can be sensitive from a security standpoint. Due to this, the internal control department of Bike Company has insisted on implementing a control ensuring that all customer changes are approved by an authorized manager. How to handle this demand in the system?

In SAP S/4HANA it is possible to configure ‘sensitive fields’ in the customer master record that will trigger the customer to be flagged for validation by a different authorized user to apply the 4-eyes validation principle to master data changes.

Until this validation is performed, the customer will be blocked for any payments, thus, preventing any financial loss to the company. However, other transactions are still possible, such as entering new sales orders or invoices. On the other hand, every time that the customer is used a warning will alert the user that validations are still pending.

For compliance reasons, a user can never approve their own customer modifications.

This graphic describes the 4-eyes principle applied to customer master data in SAP S/4HANA.

The first employee creates or changes the customer master data. They must ensure that all the necessary information is complete, accurate, and follows the company standards and guidelines.

When the first employee completes the customer master data creation or changes, they initiate a request for a second employee to review and approve the customer master data.

SAP S/4HANA notifies the second employee about the pending approval request through the system or by email, if configured.

  • An automatic message informs users that modifications are pending for this customer, every time that its records are accessed.
  • Automatic payments to the customer will fail until the modifications are validated.

The second employee logs into the SAP S/4HANA and reviews the supplier master data changes or creation done by the first employee. They validate the information against company standards, guidelines, and any regulatory requirements.

They also check for any discrepancies, inconsistencies, or missing information.

If the second employee finds the customer master data satisfactory, they approve the changes or creation and the process is finished.

If they find any issues, they can reject the request and send it back to the first employee with their comments or suggestions.

In case the customer master data request is rejected, the first employee corrects the issues pointed out by the second employee. They resubmit the request for approval when the corrections are made.

Final Approval and Activation: When the second employee approves the customer master data, the changes or new customer will be activated in the SAP system and will be available for use in transactions.

Log in to track your progress & complete quizzes