Attend the full Audit & Security of SAP Training Week and save 10%
In this two-day seminar we will help you take your SAP technical auditing skills to the next level. You will learn the advanced risks and control opportunities that should be considered in a thorough audit of the SAP basis system and security. You will acquire the knowledge and skills to progress beyond the basic auditing employed by many auditors and become competent at an advanced auditing level.
Over two days you will:
- Practice techniques discussed on a sandbox SAP system, and get the chance to perform a quick end-to-end security assessment
- Review the additional security risks posed by the SAP NetWeaver components, and the transactions within SAP for understanding key settings
- Explore the various table types within SAP, and practice some basic data interrogation techniques using SAP Query tools embedded within the application
- Learn where to go to get the best security-related advice and perform additional research on other technical basis-related topics
- Review the ‘system hardening’ guidelines provided by SAP related to common attack scenarios in SAP ABAP as well as the Java layer, and how proper system settings and coding techniques can prevent exposure to common attacks (such as SQL injection and man-in-the-middle attacks)
- Have a first-hand look at some largely unpublished risks within SAP, including an example where a user may appear, via standard SAP security reporting, to have innocuous access when in reality they have SAP_ALL-type privileges, and learn how to see if these risks affect your installation
Methodology: A live SAP system will be used for demonstration, complemented by referential screenshots, and reinforced by group discussion and class exercises.
Course Director: Steve Biskie, CISA, CITP, CPA
As the author of the only book published by SAP Press related to auditing SAP, Surviving an SAP Audit (SAP Press, 2010), and having led more sessions at the SAP GRC series than any other speaker in the history of the event, Steve Biskie is internationally regarded as one of the most sought-after trainers in the world when it comes to the topic of an SAP audit. He has been involved with SAP systems in a variety of roles, including as an internal auditor, consultant, implementation team member, compliance team lead, and SAP Steering Committee Chair. He has worked directly with SAP as part of the SAP Influence Council for the Management of Internal Controls (MIC) tool, the first iteration of what is now the SAP GRC suite. Steve was also the keynote speaker at the first Sarbanes-Oxley for SAP Customers event. He has taught thousands of business, IT, and audit professionals about dealing with the intricacies of SAP.
Past Delegate Feedback
“Good course, clear structure and examples, applicable and valuable for attendees” Nokia
“A great overview of SAP for the IT auditor. I now feel confident in carrying out an audit of SAP” EON