Despite what your traditional testing is telling you, your internal controls may be broken and you may not know it. Common process work-arounds can result in your 3-way match (PO-receipt-invoice) process appearing to work, when in reality your key controls are being bypassed. Other common user behavior can circumvent the money you spend each year on security and segregation of duties. Attend this session and learn how to use existing SAP reports, combined with the creative use of SAP queries, to detect and resolve these issues and more. View this session to:

• Learn how the key to the 3-way match process is often the timing of each event (such as creation of the PO relative to the invoice receipt), rather than configuration and workflow
• Spot potential employee ID sharing instances that compromise your SoD efforts
• Examine how to monitor these issues over time using simple, straight-forward data analysis techniques
• Get a list of SAP customizations that may not be showing up on your SAP Access Control and SAP Process Control reports, and learn how and where to find them – including custom transactions, disabled authorization objects, and custom movement type