Tackling SAP Security Audits – Tips to Avoid the SAP Security Mop and Bucket
Meet the Experts
⇨ How to audit-proof your SAP Security and avoid the need for security “Mop & Bucket”
⇨ SAP Audit Interviews – How should these be handled?
⇨ What to do if audit issues raised are inherited
There is an ever-increasing raft of regulatory and audit requirements which SAP customers must adhere to. The cost of non-compliance has consequences for an organization. SAP system audits are a necessary part of running your SAP infrastructure, as SAP service contracts include audit clauses that establish rules to govern your audit procedures and requirements. How do you ensure your organization is meeting those rules and that your SAP system is being used correctly, how do you prepare for an audit, and how do you tackle things if you find the business is out of alignment with your SAP audit requirements?
Join this session for tips on auditing IT controls, ensuring your controls are working as intended, and creating policies and procedures for handling your SAP audits. Tina has worked as an SAP Security Consultant and more recently as a Compliance Consultant at Powercor. Specializing in SAP Security in the areas of Auditing and Redesigning SAP Security. She will draw on 20+ years of experience in several sectors, sharing insights for navigating SAP audits and what to do if you’re not meeting requirements (getting your mop and bucket out).
- Seeking Buy-in from Senior Management Team
- Implementing Business Role Owner’s
- Involving Business Role Owner/s with the Design
- Involving Functional Consultant’s
- Confirming SoD Policy
- Determining IT General Controls Rulesets
- Documenting Security Policy
- Documenting Security Standards
- Ensuring SoD is documented including Escalation and Signoff process
- IT Management Signoff on ITGC rulesets
Read the presentation here.