SAP ITGC Auditing

What you will learn

  • Impact of the Corporate Governance, SEBI Guidelines, SOX and other auditing standards (for example, ISA) that are relevant for the auditors on the audit process
  • Compact overview of the Authorization concept.
  • Basic system settings and logs
  • Organizational units and organizational structure within an SAP system, Practical analysis of the risks and controls using test cases. General Customizing and controls in Accounting while taking into account the impact on the audit process.
  • Auditing of business processes, for example, Procurement, Production, and Sales Order Processing.
  • Auditing the end of period financial statements, for example, period- end closing in internal Accounting (Controlling) and in Financial Accounting and Asset Accounting, Evaluation of work in process, allowances, and stock.
  • Auditing of specific evaluation methods, for example, stock in an anonymous warehouse, planned cost accounting and inventory costing, actual costing. Transfer of the financial accounting data, balances, and document information to the auditor’s computer in standard format for further analysis (for example, in ACL, IDEA, Excel).
  • Protecting the SAP Server from Cyber Attack. Basic overview on SAP GRC along with some Practical's.

Information Assurance Training

IT Audit/ ITGC Framework/ SOX 404 Testing

Risk Management Framwork-RMF(NIST)

SOC1, SOC2, SOC3 (SSAE 18) Compliance Training

ERP - SAP Audit Framework (End To End Testing Training)

ERP - JDE Audit Framework (End To End Testing Training)

Non ERP Audit Framework Trainings (End To End Testing Training)

On Job Support For All Audits

Domains (Syllabus)

  • Control: Management approves the nature and extent of user-access privileges for new and modified user access, including standard application profiles/roles, critical financial reporting transactions, and segregation of duties (SOD).
  • Control: Access for terminated and/or transferred users is removed or modified in a timely manner.
  • Control: User access is periodically reviewed.
  • Control: SOD is monitored and conflicting access is either removed or mapped to mitigating controls, which are documented and tested.
  • Control: Access is authenticated through unique user IDs and passwords or other methods as a mechanism for validating that users are authorized to gain access to the system. Password parameters meet company and/or industry standards (such as, password minimum length and complexity, expiration, account lockout).
  • Control: Privileged-level access (such as configuration and security administrators) is authorized and appropriately restricted.
  • Control: The key attributes of the security configuration are appropriately implemented.
  • Control: Application changes are appropriately tested and approved before moving into the production environment.
  • Control: Access to implement changes into the application production environment is appropriately restricted and segregated from the development environ

$3,000.00

Overview:

  • Understanding the core business processes, the integration of SAP applications & system control to optimize the internal control system in order to meet the regulations & international standards
  • Basic understanding of GRC will also be provided so that participants became aware of latest compliance tool of SAP.