Migration readiness

How to Test Global and Local SAP Rules Against Real Migration Data

By Dzmitryi Kharlanau · Published · 21 min read

The global design says that Supplier Risk is mandatory for every active strategic supplier.

Contents

Reviewed: 14 July 2026

The global design says that Supplier Risk is mandatory for every active strategic supplier.

The Portuguese design adds another condition: regulated suppliers must complete compliance review before activation.

The migration plan allows incomplete records to enter a temporary review queue during Mock Load 2.

All three rules have been approved.

The team creates six test records:

Every scripted test produces the expected result.

The rule set is declared ready.

Then the real migration file arrives.

It contains:

The rules still work technically.

The test data did not represent the population to which they would actually be applied.

This is the gap between rule testing and migration-data testing.

A conventional test asks:

Does the rule return the expected result for this record?

A migration-data test asks:

Does the rule produce a controlled result across the real population, including combinations, exceptions and source defects that the design did not anticipate?

Both are necessary.

The first tests logic.

The second tests whether the logic is usable.

---

Put the real population in the room

Global and local rules are usually approved in abstract language:

Tax Identifier is required for supplier organisations.
Portuguese non-residents may use an approved exemption.
Supplier Risk is mandatory for strategic suppliers.
Local review status must be cleared before activation.

The statements look clear because each sentence describes one condition.

Real records combine many conditions.

One supplier may be:

The effective result depends on how these dimensions interact.

Testing rules against isolated examples is therefore insufficient. The programme needs a population in which the important contexts occur together.

A meaningful test dataset must represent:

This is not a demand to copy the entire production database into every test environment.

It is a demand to know which combinations exist and which combinations matter.

---

Three separate things must pass

Teams often report that “the rule passed” without stating what was tested.

There are three different pass conditions.

The model passes

The rule is structurally coherent.

For example:

This is deterministic model validation.

It says nothing yet about whether source data can support the rule.

The data passes

The current population contains enough information to evaluate the rule and reach an approved outcome.

For example:

This is dataset readiness.

It says nothing yet about whether SAP or another MDM platform implements the rule correctly.

The implementation passes

The configured system produces the approved outcome.

For example:

A rule is ready only when these three pass conditions align.

Model validity
+
Dataset evaluability
+
Implementation correctness
=
Usable rule

A failure in any layer should not be disguised by success in another.

---

A small sample can be perfectly misleading

Migration teams often receive a sample file containing a few hundred clean records.

The sample is useful for:

It is weak evidence for population readiness when it was manually selected or cleaned.

A sample may omit:

The sample can prove that a rule works.

It cannot prove how often the rule will encounter an unevaluable or contradictory record.

Before relying on a sample, record:

Selection method:
Random, stratified, manual or convenience sample

Source stage:
Raw extract, transformed staging or post-remediation file

Included contexts:
Countries, systems, roles and organisational levels

Excluded populations:
Historical records, incomplete records, local exceptions

Known limitation:
Does not represent rare value combinations

A manually prepared “good example” file should never be mistaken for readiness evidence.

---

Build populations before test cases

Traditional test design starts with scenarios.

For model rules, it is often better to start with populations.

Suppose the rule is:

Supplier Risk is required before activation for active strategic supplier organisations.

The relevant populations are not merely “valid” and “invalid.”

They include:

  1. active strategic organisations with valid risk;
  2. active strategic organisations without risk;
  3. active non-strategic organisations;
  4. inactive strategic organisations;
  5. supplier persons;
  6. organisations with conflicting strategic indicators;
  7. records where activity status differs by organisational view;
  8. records under temporary deviation;
  9. records with risk values outside the approved list;
  10. records with a plausible default introduced upstream.

For Portugal, the local rule creates further partitions:

The purpose is not to create hundreds of manual test cases.

It is to expose the dimensions that determine effective behaviour.

---

Use a population inventory

A population inventory shows whether the dataset actually contains the combinations needed for testing.

PopulationRecordsExpected treatmentEvidence quality
DE active strategic with valid risk18,240May proceedStrong
DE active strategic without risk416Block or remediateStrong
PT regulated, risk valid, review cleared2,180May activateStrong
PT regulated, risk blank, review pending284Load to review; block activationStrong
PT non-resident with exemption96Apply approved exemptionPartial
IT source-deviation population1,420Temporary enrichmentStrong
Person records incorrectly in supplier scope63Out of scopeStrong
Unknown strategic indicator212Rule cannot be evaluatedStrong

The final row is particularly important.

A record may not be valid or invalid.

The system may lack the information required to decide.

That is a distinct outcome:

Pass
Fail
Exempt
Pending remediation
Unevaluable
Out of scope

Reducing every record to pass or fail conceals the difference between bad data and incomplete decision context.

---

Test rule evaluability before compliance

Before checking whether a record complies, determine whether the rule can be evaluated.

For the Supplier Risk rule, the system may require:

If activity status is missing, the result is not automatically “risk missing.”

The rule cannot determine whether the record is applicable.

An evaluability test asks:

Are all attributes required to determine applicability available,
valid and measured at the correct granularity?

Only then should the compliance test run.

This distinction changes reporting.

Weak report:

6,840 records failed Supplier Risk validation.

Stronger report:

4,910 applicable records lack Supplier Risk.

1,212 records are not applicable.

718 records cannot be evaluated because strategic status
or lifecycle context is missing.

The remediation actions are different.

---

Context fields deserve the same scrutiny as the governed value

Teams focus on the field being validated and ignore fields used to determine scope.

For example:

Tax Identifier is required for Portuguese resident supplier organisations.

The test usually examines Tax Identifier completeness.

It should also examine:

If country is blank, the programme cannot determine whether the local rule applies.

If partner category is wrong, persons may be tested as organisations.

If residence status is derived inconsistently, exemptions may be applied incorrectly.

A rule is only as reliable as the data that selects its population.

---

Granularity mismatches must fail loudly

A rule may be defined at one level and tested at another.

Example:

Supplier Risk:
Supplier legal-entity level

Activity:
Purchasing-organisation level

Strategic status:
Source-system central level

Compliance review:
Country level

A flat migration row may combine these values without indicating their scope.

The test engine can then produce a result that appears precise but has no valid semantic basis.

Before executing the rule, confirm:

Consider a supplier active in one purchasing organisation and inactive in another.

A central ACTIVE = true flag cannot prove applicability for both.

The test should report a model-to-data granularity gap rather than silently expanding the value.

---

Test the effective rule, not each sentence separately

Global and local rules should be resolved into effective behaviour before testing.

Suppose the approved rules are:

Global:
Supplier Risk required before activation for active strategic suppliers.

Portugal:
Regulated suppliers require Review Status = CLEARED.

Migration Wave 2:
Missing Supplier Risk may enter a controlled review queue.

Temporary control:
Records in review cannot activate.

The effective Portuguese Wave 2 rule is:

A regulated strategic supplier may enter the migration review queue
without final Supplier Risk.

It may not activate until:
- Supplier Risk is approved; and
- Review Status is CLEARED.

This effective rule should drive the test.

Do not run four independent checks and expect the reviewer to infer the combined outcome.

---

Decision tables expose ambiguity

A decision table is often more useful than prose.

StrategicRegulated PTRiskReviewMigration stageExpected result
YesYesValidClearedActivationPass
YesYesMissingPendingLoadEnter review
YesYesMissingPendingActivationBlock
YesYesValidPendingActivationBlock
YesNoValidNot applicableActivationPass
NoYesMissingClearedActivationDepends on approved non-strategic policy
UnknownYesMissingPendingAnyUnevaluable

The sixth row frequently reveals an unresolved policy question.

The seventh reveals missing context.

Do not fabricate an expected result merely to complete the table.

An unresolved cell is useful evidence that the model is not ready.

---

Positive tests are the least interesting tests

A positive test proves that a clean record can pass.

Most real migration failures occur elsewhere.

A complete rule test set needs several categories.

Positive

Valid applicable record succeeds.

Negative

Invalid applicable record is rejected or routed as approved.

Boundary

A value exactly at the applicability boundary behaves correctly.

Examples:

Out of scope

The rule does not affect unrelated records.

Examples:

Exception

An approved exemption works only with required evidence.

Contradiction

Inputs disagree.

Examples:

Regression

Existing global contexts remain unchanged after local rule introduction.

Volume

The rule performs and produces manageable outcomes across the real population.

Reversibility

Records affected by temporary defaults or transformations can still be identified and corrected.

A rule suite dominated by positive cases creates confidence without much protection.

---

Test absence, invalidity and uncertainty separately

These conditions are often collapsed into blank.

They are different.

Absent

No value exists.

Invalid

A value exists but is not allowed.

Unmapped

A source value exists, but no target treatment is approved.

Ambiguous

Several target treatments are plausible.

Contradictory

Different sources provide incompatible values.

Not applicable

The field is correctly empty for this context.

Unknown applicability

The programme cannot determine whether the rule applies.

Each condition needs a distinct result.

For example:

ConditionAppropriate treatment
Absent but requiredRemediate or block
Invalid codeReject or map through approved correction
Unmapped valueDecision required
Ambiguous valueInvestigation required
Contradictory sourcesAuthority or survivorship decision
Not applicablePass
Unknown applicabilityContext gap

If all become FAILED, the remediation queue becomes noisy and difficult to govern.

If all become WARNING, material problems disappear.

---

The dataset should contain deliberately difficult records

A production extract provides realism.

A deliberately constructed challenge set provides coverage.

Use both.

The challenge set should include:

These records are not meant to estimate population frequency.

They prove that the model can distinguish difficult states correctly.

---

Then run against the whole representative population

After the challenge set passes, execute the rules against a representative or complete migration population.

Measure:

This is where hidden problems appear.

Example:

Global Supplier Risk rule

Applicable:
42,810

Pass:
36,905

Pending approved review:
2,140

Fail:
1,118

Unevaluable:
2,647

A superficial summary reports:

91.9% pass or approved review.

A better analysis notices that 2,647 records cannot be evaluated.

If these are concentrated in one source system, the central issue may be missing strategic classification rather than Supplier Risk itself.

---

Do not accept a percentage without seeing the residual population

A programme may set readiness thresholds such as:

These are programme policies, not universal rules.

Whatever threshold is used, the residual population must remain visible.

Ask:

A 0.1% failure rate can still include:

Volume and materiality must be assessed together.

---

Cross-country testing should prove containment

A local rule is not safe merely because it works locally.

When a Portuguese rule is introduced, test:

A containment report might state:

Portuguese regulated organisations:
New review rule applied.

Portuguese non-regulated organisations:
No review requirement.

German strategic suppliers:
Global risk rule unchanged.

Shared risk value list:
No local process values added.

Global reporting:
Review Status excluded from final risk distribution.

This proves that local variation has not leaked into the shared model.

---

Test migration stage transitions

Rules may differ between:

A record should be tested across transitions.

Example:

Stage 1:
Loaded with missing Supplier Risk into PENDING review.

Stage 2:
Risk enrichment completed.

Stage 3:
Compliance review cleared.

Stage 4:
Activation succeeds.

Stage 5:
Approved values replicated downstream.

Also test failure transitions:

Risk completed, review still pending:
Activation blocked.

Review cleared, risk missing:
Activation blocked.

Temporary deviation expired:
Load no longer permitted.

This is more useful than testing each screen or batch independently.

---

Historical and delta data need different tests

A full migration extract and a post-go-live delta are not equivalent.

Historical migration may contain:

Operational delta processing may require:

A rule may therefore permit:

Historical inactive record:
Load with documented exception.

while requiring:

New active record:
Block until complete.

The test plan should distinguish historical treatment from operational policy.

Otherwise, migration concessions leak into steady-state governance.

---

Configuration tests are still required

Dataset testing does not prove SAP implementation.

After the model and population are understood, test the configured platform.

For SAP MDG or another MDM solution, verify:

SAP currently positions MDG around one governed model, profiling and reconciliation, validated values, workflows, business-rule monitoring, quality controls and auditable change. Those capabilities can enforce and monitor approved rules, but the programme still needs evidence that the configured rule uses the right context and produces the intended lifecycle outcome.

A configuration test should use records selected from the same population analysis, not unrelated synthetic examples.

---

Data-quality platforms are execution engines, not semantic authorities

Platforms such as Ataccama and Informatica can profile data, execute quality checks, monitor conditions, expose lineage and support remediation workflows. Ataccama’s current platform description combines data-quality checks, monitoring, lineage, observability, reference data and master-data capabilities.

Informatica’s current data-quality offering describes continuous profiling, cleansing and standardisation, generated quality rules and observability across data, pipelines and business views.

These capabilities are valuable for:

They do not independently determine:

The canonical model and approved decision must supply that meaning.

A clean division of responsibility is:

Martenweave:
Defines and traces the rule, context, evidence and approved treatment.

Data-quality platform:
Executes and monitors scalable checks.

SAP or MDM platform:
Enforces operational behaviour.

Test tools:
Verify configured scenarios and regression.

Humans:
Approve meaning, exceptions and residual risk.

---

Keep rule identity stable across tools

The same rule may appear in:

Use one stable rule ID.

For example:

RULE-SUPPLIER-RISK-ACTIVATION-001

Each implementation should reference it:

Martenweave:
Canonical definition and context

Ataccama:
Population quality check

SAP MDG:
Activation validation

Migration pipeline:
Readiness gate

Test suite:
Positive, negative and regression scenarios

This allows the programme to compare results.

Without stable identity, several rules with similar labels may gradually diverge.

---

Baselines must agree

A valid test package identifies:

Example:

Model:
supplier-model-v3.4

Rule:
RULE-SUPPLIER-RISK-ACTIVATION-001 v2

Dataset:
ERP_B_supplier_extract_2026-07-12

Transformation:
migration-release-4.6

SAP configuration:
MDG-R5

Test cycle:
UAT-1

If the dataset was transformed using rule v1 but SAP was tested with rule v2, the evidence does not describe one coherent state.

The tests may all pass individually.

The package still cannot prove readiness.

---

Testing should produce findings, not only defects

A failed record does not always justify a software defect.

Possible outputs include:

Data remediation

The model and implementation are correct; records must be fixed.

Source gap

Required context or value is unavailable from the source.

Mapping issue

Source and target are approved, but transformation is wrong.

Model ambiguity

The rule does not define the outcome for the observed combination.

Configuration defect

SAP or the MDM platform differs from the approved rule.

Local-policy decision

A contextual requirement has not been approved.

Temporary-deviation decision

The target rule is valid, but the current migration stage needs bounded treatment.

Test-data defect

The expected result was based on an incorrect assumption.

A test programme that turns every unexpected result into a configuration ticket will corrupt the model.

---

A full worked example: Supplier Risk and Review Status

Consider a programme with three rules.

Global rule

Supplier Risk is mandatory before activation for active strategic supplier organisations.

Portuguese strengthening

Regulated Portuguese suppliers also require Compliance Review Status = CLEARED.

Italian deviation

Italian Wave 2 records may enter remediation without final Supplier Risk because the source release is delayed. They may not activate.

Step 1: inspect rule inputs

Required inputs:

Step 2: profile the dataset

Total supplier records:
86,420

Applicable active organisations:
62,180

Strategic:
14,480

Portuguese regulated:
2,940

Italian Wave 2:
8,110

Missing strategic status:
1,320

Invalid risk codes:
148

Missing country:
42

The 1,320 records with missing strategic status cannot yet be evaluated against the global rule.

Step 3: build the decision table

CountryStrategicRegulatedRiskReviewStageResult
DEYesNoHIGHN/AActivationPass
DEYesNoBlankN/AActivationBlock
PTYesYesHIGHCLEAREDActivationPass
PTYesYesHIGHPENDINGActivationBlock
PTYesYesBlankPENDINGLoadReview
ITYesNoBlankN/AWave 2 loadRemediation queue
ITYesNoBlankN/AActivationBlock
AnyUnknownAnyAnyAnyAnyUnevaluable

Step 4: execute against the population

Results:

Pass:
11,806

Approved temporary review:
1,716

Block:
958

Unevaluable:
1,320

Out of scope:
70,620

Step 5: analyse concentration

The 1,320 unevaluable records are almost entirely from one source.

The primary programme risk is no longer merely missing Supplier Risk.

It is missing strategic-status evidence.

Step 6: test implementation

SAP MDG testing confirms:

Step 7: test downstream distribution

The outbound interface is checked to ensure:

Step 8: record separate actions

Data action:
Remediate missing strategic-status evidence.

Configuration action:
Correct one Italian activation condition.

Model action:
Clarify lifecycle point for the temporary deviation.

Decision action:
Approve treatment for 42 records with missing country.

One test run created four different workstreams.

That is a sign of useful testing.

---

Where Martenweave fits in the test chain

Martenweave Core already provides the main backend pieces needed to build model-aware testing:

The current demo flow shows that dataset-readiness combines validation, coverage, gaps and a readiness verdict into shareable JSON and Markdown reports. It can also promote findings into a pending-review PatchProposal, preserving human review rather than changing canonical files automatically.

This supports an important product boundary:

Martenweave should not become the engine that executes every enterprise data-quality rule.

It should determine which rule is being tested,
against which model and dataset baseline,
for which context,
and what the result means for controlled change.

---

What Martenweave should add for contextual rule testing

A focused implementation could extend dataset readiness with:

Rule applicability output

For each rule:

Context breakdown

Results by:

Outcome classification

Residual-population export

A stable list of records requiring:

Baseline manifest

Comparison between runs

This remains backend-first and deterministic.

It does not require a general test-management platform.

---

A conceptual report

test_run:
  id: TESTRUN-SUPPLIER-RISK-2026-07-14
  model_baseline: supplier-model-v3.4
  dataset: ERP_B_supplier_extract_2026-07-12
  rules:
    - RULE-SUPPLIER-RISK-ACTIVATION-001
    - RULE-PT-COMPLIANCE-CLEARANCE-004
    - DEV-IT-WAVE2-RISK-002

results:
  applicable: 15800
  passed: 11806
  failed: 958
  approved_pending: 1716
  unevaluable: 1320
  out_of_scope: 70620

findings:
  - type: source_context_gap
    population: 1320
    reason: strategic_status_missing
    owner: ROLE-ERP-B-DATA-OWNER

  - type: implementation_mismatch
    population: 118
    reason: italian_activation_rule_not_enforced
    owner: ROLE-MDG-ARCHITECT

readiness:
  verdict: not_ready
  blockers:
    - strategic status unavailable for applicable population
    - Italian activation configuration mismatch

This is a conceptual direction, not a claim about the current schema.

---

The release gate should be evidence-based

Before a global or local rule is declared migration-ready, require:

Model

Dataset

Implementation

Evidence

A rule should not pass because one team says its part works.

It should pass when the complete evidence chain describes one coherent state.

---

The questions that reveal weak testing

Before accepting the report, ask:

If the report answers only:

25 scenarios passed,

the programme has tested examples, not readiness.

---

Final perspective

A rule is not proven by a clean test record.

It is proven by controlled behaviour across the population to which it applies.

Real migration data tests more than formatting and completeness. It tests whether the model can survive:

SAP MDG and other MDM platforms can enforce approved operational rules. Ataccama, Informatica and other data-quality platforms can profile, validate and monitor large datasets. Test-management tools can organise scenarios and defects.

The missing layer is often the connection between them:

Which canonical rule was tested, against which effective global–local context, using which dataset and baseline, and what does each result mean for the model?

That is the layer Martenweave can own.

The practical test is:

Can the programme take a new migration extract, apply the approved effective model, separate failure from exception and unevaluability, trace every material result to a rule and owner, and repeat the same analysis after the next change?

When it can, rule testing becomes evidence.

When it cannot, the programme has a collection of successful examples and an unresolved production risk.

About the authors

Martenweave is maintained by Dzmitryi Kharlanau.

Martenweave is a backend-first model-governance and evidence layer for SAP migration, MDM, data governance and AMS teams.

It connects:

Its role is not to replace SAP validation, enterprise data-quality platforms or test-management applications.

It is to make the tested rule, population, evidence and resulting change traceable as one governed model process.

Sources and notes

This article was reviewed on 14 July 2026.

SAP currently describes SAP Master Data Governance as a governance layer that preserves model semantics and relationships, supports profiling and reconciliation, enforces validated values, routes collaborative workflows, monitors business rules and maintains auditable changes. SAP also recommends curating master data early because automated SAP S/4HANA processes depend increasingly on clean and correct data.

Ataccama currently presents its platform as combining data-quality checks, monitoring, lineage, observability, reference-data and master-data capabilities across end-to-end quality workflows.

Informatica currently describes Data Quality and Observability capabilities that include continuous profiling, cleansing and standardisation, generated rules and monitoring through data, pipeline and business perspectives.

Martenweave’s current public demo path validates canonical files, builds disposable indexes, supports search, trace and impact analysis, reports governance and model-side gaps, compares datasets with expected field endpoints and produces combined readiness reports.

The same dataset-readiness workflow can promote gaps into a pending-review PatchProposal or generate a GitHub-ready issue draft, while preserving human review before canonical model changes.

Martenweave is independent and is not affiliated with or endorsed by SAP, Ataccama, Informatica or other vendors named in this article. Product names and trademarks belong to their respective owners.

Primary sources