This practical, how-to technical and risk management reference guide enables assurance, security and risk professionals - both IT and non-IT - to evaluate risks and controls in existing ERP implementations and facilitates the design and building of better practice controls into system upgrades and enhancements. The publication is based on SAP R/3 versions 4.6c and 4.7 and is the second edition of the globally demanded 2002 initial edition. It has been updated to reflect:
- New directions for ERP audit Continuous assurance techniques, implications of the changing compliance landscape for ERP control over financial reporting and extension of the traditional ERP control framework in response to the integrated ERP environment are discussed. The available tools for continuous assurance in an SAP R/3 environment are overviewed, tools to assist with corporate governance and risk management compliance are discussed and a sample control framework for the integrated ERP environment is provided. The discussion begins by explaining SAP s product and technology changes.
- Major SAP R/3 modules, products and functionality and navigation guidance
- Strategic risk management in an ERP environment to minimize the risk of not obtaining the significant benefits that can flow from a well-executed ERP implementation
- ERP audit impacts from implementation are detailed and frameworks and methodologies for auditing and testing in an SAP R/3 environment are provided. A technique to assist in identifying the cause of issues using the COBIT framework is described.
- Auditing SAP R/3 Core Business Cycles: Revenue, Inventory and Expenditure SAP R/3 modules and major business cycles are explained and overviewed. Risks and automated controls outlined and sample testing techniques are suggested.
- Auditing SAP R/3 Basis Technical Infrastructure Specific risks in SAP R/3 security and control, automated control activities and sample assurance techniques are provided.
- FAQs, audit programs, ICQs and references
- Current best practices and future trends in ERP issues, updated from the first edition published in 2002
0 comments:
Post a Comment