ISACA New York Metropolitan Chapter

Auditing and Security of SAP






 

Instructor: PricewaterhouseCoopers
Date: July 25th - 26th, 2007
Duration: 2 Day Seminar
CPE Credits: 14
Location:
PricewaterhouseCoopers
300 Madison Avenue
Training Room - 22109
Cost: $450 Members; $550 Non-members

 

TO RESERVE A SEAT YOU MAY CONTACT:

Peter Kane at pkane@cablevision.com or 516-803-2251

 

The Introduction to SAP Security and Controls course is designed to help IT auditors understand the complexity of SAP security and controls and with the working knowledge necessary to audit and review SAP security and controls environments.

Level: Intermediate (two or more years of audit / security experience)

Prerequisites: The participants should have basic knowledge of application security and controls and business processes.

Program Concentration: The participants will learn the basic concepts of SAP security, including  user management, user authentication, and authorization concepts.  They  will also  learn SAP business process controls including configurable controls, segregation of duties,  and canned SAP reports used by management for monitoring purposes.   SAP GRC Access Control and Process Control product suites will be introduced and their relevance to audit will be discussed.

 

Topics Covered:

Segment one

4 hours

          Segment Two

         4 Hours

Segment Three

4 Hours

Segment Four

4 Hours

- Introduction to SAP

- Planning for SAP Audit

- SAP Navigation

- SAP General

  Computer Controls

- SAP Control

  Parameters

- SAP Security

   administration

  • User Management
  • User Authentication

- Authorization

  Concepts

- Segregation of

  Duties

- Audit SAP Security

  and BASIS

- SAP Operations

- Business Process

   and Applications

   Control Introduction

- Financial Reporting

  and Closing

  Considerations and

  Application Control

- Procure to Pay

  Process and

  Application Controls

  • Master Data
  • Purchase Order
  • Processing
  • Goods Receipts
  • Invoice Recording
  • Cash Disbursements
  • Configurable Controls
  • User Access and Segregation of Duties
  • Controls Reporting

- Order to Cash Process

   and Application

   Controls

  • Master Data
  • Sales Order
  • Processing
  • Invoice Processing / Billing
  • Delivery and Distribution
  • Cash Receipts
  • Configurable Controls
  • User Access and Segregation of Duties
  • Controls Reporting

- SAPs GRC

   Access Control

   Suite:

  • Compliance Calibrator
  • Firefighter
  • Access Enforcer
  • Role Expert

    Process Control

  • Controls Documentation
  • Automate Manual Control Process
  • Automate Controls Testing
  • Real Time monitoring

- Audit using SAPs

  GRC

- How can SAP GRC

   products increase

   effectiveness and efficiency

   of controls management

   and testing.

 

 

  
Copyright © 2002 Information Systems Audit and Control Association (ISACA™). All rights reserved.

Last updated May 24, 2007 10:26 PM