GRC Software Best Practices


  • All processes are well documented and stored in a central repository, which could be some kind of change management tool like SharePoint. This includes the documentation of policies, work papers, and evidence to meet the requirements of Sarbanes-Oxley Sections 302 and 404.
  • The majority of business process control testing is automated and can be scheduled for appropriate locations, business units, or legal entities. This way each business unit can perform its testing when it needs to.
  • SAP Segregation of Duties (SoD) risk identification and remediation is performed automatically, across multiple SAP environments and/or instances as appropriate. With the right tool in place, this can be performed. If the company does not have a tool, this will become a weakness.
  • SAP user access administration and change management is automated, with approval notification and mandatory compliance verification. This is a labor-intensive task if not automated. With SAP IDM it will be possible for customers to automate both SAP and non-SAP systems.
  • Internal Audit regularly performs audits to cover the effectiveness and efficiency of operations, reliability of financial reporting, compliance with applicable laws and regulations, and safeguarding of assets. The internal audit team also needs to have people who are knowledgeable about the SAP system business processes and the way the system has been implemented in their company.
  • Manual control testing is streamlined with automated task assignments, guided procedures, and workflow enablement
  • Business process managers are accountable for control documentation and testing, not Internal Audit or system administrators
  • A common risk language and common risk categories enable the quantification and measurement of the organization’s overall risk profile
  • Critical risks are identified in a timely fashion, especially risk interdependencies
  • Oversight is provided by an SAP risk management executive committee or SAP chief risk officer, while operating unit managers have primary responsibility for risk management execution
  • Risk management practices have been deployed enterprise-wide, including an enterprise-wide risk assessment process
