
How to whitelist EWA findings in EWA Solution Finder / EWA Workspace / EWA Dashboard?

DinoPhilips
Participant
0 Kudos

Currently we are looking into possibilities to intensify the use of EWA Solution Finder / EWA Workspace / EWA Dashboard. One of the hurdles to overcome and increase adoption, is the apparent lack of whitelist-functionality and/or exemption management on EWA findings.

An example of why our EWA Solution Finder list will always have critical findings is the fact that emergency users have SAP_ALL authorization. These emergency users are by default deactivated and a separate approval workflow needs to be completed before these users become operational. In other words, we have an audit-proof firefighting process in place. Nevertheless, this will show up as a critical EWA finding, thereby diminishing the attention value of a red flag. People get used to seeing red flags and will ignore all EWA findings in future.

So the big question is: How to whitelist EWA findings in EWA Solution Finder / EWA Workspace / EWA Dashboard?

Does anyone have similar experiences and/or workarounds for this? Or should this requirement be dropped at SAP as a Customer Improvement Request?

CarlaOLI4
Explorer

Spot on, would love such a functionality

PeterMonaghan
Participant
0 Kudos

You're essentially asking to write-off a big audit red flag with SAP_ALL access. That's going to be tough to do.

DinoPhilips
Participant

petermonaghan - thank you for sharing your thoughts on this.

Perhaps I need to elaborate a bit more on what I am looking for. It is not that I want to mask or undo audit red flags. Along the lines of 'comply or explain' I am looking for functionality similar to what we are using right now for custom code management, namely: pseudo comments/pragmas, whitelisting via check variants and exemption management (incl. 4-eyes principle & SOD).

I believe for the EWA Solution Finder to be truly effective you should strive for zero red flags. That way, if at some point a red flag pops up it automatically grabs your full attention. If, and I think this is true for any monitoring tool, you are used to having multiple red flags all the time it will automatically decrease your sense of urgency. How then to distinguish between 'dark red' flags which need immediate attention and 'light red' flags which will always turn up no matter what you do or don't do?

As for auditors asking nasty questions (it's their job to do so) you can show them you have a well-defined process in place on who is entitled to whitelist or exempt certain findings. And since this is SAP we are talking about I naturally assume the system will log all these actions for me, which in turn should make the auditor happy again.

BR Dino
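The exemption model described in the post above (comply or explain, 4-eyes approval, every action logged, so that only unexplained findings stay red), as an added illustration that is not part of the original thread and not an SAP or EWA feature. Everything here is constructed: the `Finding` and `Exemption` types, the `ExemptionRegister` class, the check names such as `USERS_WITH_SAP_ALL`, and the user IDs are hypothetical sample data modelled on the SAP_ALL firefighter case, not values taken from any EWA report.

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Finding:
    """One EWA-style finding: which check fired, on which object, how severe."""
    check_id: str
    obj: str
    severity: str  # "red" or "yellow"


@dataclass(frozen=True)
class Exemption:
    """A documented, approved reason why a specific finding is acceptable."""
    check_id: str
    obj: str
    justification: str
    requested_by: str
    approved_by: str
    valid_until: date


class ExemptionRegister:
    """Hypothetical exemption register: enforces 4-eyes, expiry and an audit log."""

    def __init__(self, today: date):
        self.today = today
        self._exemptions: dict[tuple[str, str], Exemption] = {}
        self.audit_log: list[dict] = []

    def _log(self, action: str, **details) -> None:
        self.audit_log.append({"date": self.today.isoformat(), "action": action, **details})

    def add(self, ex: Exemption) -> None:
        """Register an exemption; refuse self-approval and already expired entries."""
        if ex.requested_by == ex.approved_by:
            self._log("REJECTED", check=ex.check_id, obj=ex.obj,
                      reason="requester and approver are the same user")
            raise ValueError("4-eyes principle violated: requester == approver")
        if ex.valid_until < self.today:
            self._log("REJECTED", check=ex.check_id, obj=ex.obj, reason="expiry date in the past")
            raise ValueError("exemption would already be expired")
        self._exemptions[(ex.check_id, ex.obj)] = ex
        self._log("APPROVED", check=ex.check_id, obj=ex.obj,
                  requested_by=ex.requested_by, approved_by=ex.approved_by,
                  valid_until=ex.valid_until.isoformat())

    def is_exempt(self, f: Finding) -> bool:
        """An exemption only counts while it is still valid; expired ones fall back to red."""
        ex = self._exemptions.get((f.check_id, f.obj))
        return ex is not None and ex.valid_until >= self.today

    def triage(self, findings: list[Finding]) -> tuple[list[Finding], list[Finding]]:
        """Split findings into those needing attention and those explained by an exemption."""
        needs_attention, explained = [], []
        for f in findings:
            (explained if self.is_exempt(f) else needs_attention).append(f)
        self._log("TRIAGE", total=len(findings), unexplained=len(needs_attention),
                  exempt=len(explained))
        return needs_attention, explained


# Constructed sample findings, modelled on the SAP_ALL firefighter case from the thread.
TODAY = date(2024, 1, 15)
FINDINGS = [
    Finding("USERS_WITH_SAP_ALL", "FF_USER01", "red"),   # firefighter, deactivated by default
    Finding("USERS_WITH_SAP_ALL", "FF_USER02", "red"),   # firefighter, deactivated by default
    Finding("USERS_WITH_SAP_ALL", "DEVELOPER1", "red"),  # no valid exemption: must stay red
    Finding("PASSWORD_POLICY_WEAK", "login/min_password_lng", "yellow"),
]


def build_register() -> ExemptionRegister:
    """Populate the register the way a documented whitelisting process would."""
    reg = ExemptionRegister(today=TODAY)
    for user in ("FF_USER01", "FF_USER02"):
        reg.add(Exemption("USERS_WITH_SAP_ALL", user,
                          "Firefighter ID, locked until approved via emergency-access workflow",
                          requested_by="basis.admin", approved_by="security.officer",
                          valid_until=TODAY + timedelta(days=365)))
    # Self-approval is refused and logged, so this finding keeps its red flag.
    try:
        reg.add(Exemption("USERS_WITH_SAP_ALL", "DEVELOPER1", "needs it for a project",
                          requested_by="developer1", approved_by="developer1",
                          valid_until=TODAY + timedelta(days=30)))
    except ValueError:
        pass
    return reg


if __name__ == "__main__":
    reg = build_register()
    open_findings, explained = reg.triage(FINDINGS)
    for f in open_findings:
        print(f"ATTENTION {f.severity:6} {f.check_id} {f.obj}")
    for entry in reg.audit_log:
        print(entry)
```

Run as-is, the only red SAP_ALL finding left in the attention list is `DEVELOPER1`; the two firefighter IDs are reported as explained, and the audit log records who requested and approved each exemption, the rejected self-approval, and the triage itself, which is the trail an auditor would ask for. Exemptions carry an expiry date so that a whitelisted finding turns red again automatically instead of being forgotten.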

PeterMonaghan
Participant
0 Kudos

That makes sense... I think if the process is clearly documented then it should be able to work.
