Auditing SAP IT General Controls (ITGCs)

⇨ Learn how to properly assess Segregation of Duties and Critical Access risks.

⇨ Understand the controls most important in the change control and transport process.

⇨ Explore how key tables and  files related to ITGCs can be used to facilitate continuous monitoring.

Are you an IT auditor seeking to learn how to efficiently and effectively test controls in an SAP system, or someone in basis or security looking for a primer on what your auditors may be looking for?  View this session deck to learn how to assess SAP ITGCs, including those common to compliance regulations like SOX, as well those aligned with better-practices.

View the session deck to:

Learn how to properly assess Segregation of Duties (SoD) and Critical Access risks, while avoiding the      "transaction code trap"
Understand the controls most important in the change control and transport process, including the type of documentation typically expected
Review the logs and log monitoring procedures that are enough to "get you by," and contrast those with the ones that should be in place regardless of any regulatory requirements
Explore how key tables and  files related to ITGCs can be used to facilitate continuous monitoring in tools like Process Control