Attend the full Audit & Security of SAP Training Week - 3-7 September and save 10%
Over three days you will the knowledge to assess your own system and provide recommendations for improving both SAP configuration and usage.
Over three days you will:
- Investigate the risks inherent in the SAP application, detailing some of the most effective control opportunities you can configure or design into the application
- Examine the security and basis configuration settings necessary to support a strong control environment for the rest of the system
- Pinpoint the risks related to default IDs, profile parameters, IMG configuration and maintenance, and segregation of duties
- Drill down to core business processes, including the financial close cycle (supported by FI/CO), the order-to-cash cycle (supported by SD), the purchase-to-pay cycle (supported by MM), and the personnel management and administration cycle (supported by HCM) and review critical configuration settings
- Review common techniques implementers and SAP support personnel may try to use to ‘hide’ poor configuration from auditors, and how to uncover those quickly in your system
- Explore where SAP is going with its SAP Business Objects Governance, Risk, and Compliance (GRC) suite of applications
- Delve into advanced auditing techniques supported by tools within the standard SAP application, including the Audit Information System (AIS) as well as advanced data analysis opportunities that can be provided by ACL, IDEA and, in some cases, the SAP Business Objects suite itself
Course Director Steve Biskie
As the author of the only book published by SAP Press related to auditing SAP, Surviving an SAP Audit, (SAP Press, 2010) and having led more sessions at the SAP GRC series than any other speaker in the history of the event, Steve Biskie is internationally regarded one of the most sought-after trainers in the world when it comes to the topic of an SAP audit. He has been involved with SAP systems in a variety of roles, including as an internal auditor, consultant, implementation team member, compliance team lead, and SAP Steering Committee Chair. He has worked directly with SAP as part of the SAP Influence Council for the Management of Internal Controls (MIC) tool, the first iteration of what is now the SAP GRC suite. Steve was also the keynote speaker at the first Sarbanes- Oxley for SAP Customers event. He has taught thousands of business, IT, and audit professionals about dealing with the intricacies of SAP.
Methodology: A live SAP system will be used for demonstration, complemented by referential screen shots, and reinforced by group discussion and class exercises
Past Delegate Feedback
“Good course, clear structure and examples, applicable and valuable for attendees” Nokia
“A great overview of SAP for the IT auditor. I now feel confident in carrying out an audit of SAP” EON