Better Manage Enterprise Risk and Streamline Audit Life Cycle Management with SAP Audit Management (Part 1)

  • by Kehinde Eseyin, Senior SAP GRC Consultant, Turnkey Consulting Ltd.
  • August 15, 2016
See how SAP Audit Management can help improve the different facets of the internal audit life cycle including audit planning and preparation while enforcing process control and risk management.
Learning Objectives
Reading this article, you will learn:
  • How to navigate through the SAP Audit Management Fiori-based user interface
  • Step-by-step instructions on how to plan and prepare an audit
  • Precautions to take to avoid erroneous situations and processes while using the system as the end user
Key Concept

Audit is a process that defines the time, scope, resources, and other attributes for an audit engagement and documents evidence, results, recommendations, and reports. The SAP Audit Management system helps organizations adopt a risk-based approach to an internal audit, enforce audit quality standards, avoid duplicating testing efforts, and improve internal audit efficiency and productivity.

The need to address audit challenges related to insufficient audit resources and the numerous areas that need to be addressed by audit activities are some of the drivers for the implementation of SAP Audit Management. Adopting a risk-based approach to audit planning helps internal audit departments focus on risks that are critical to an organization before the risks are realized. Organizations are increasingly seeking tools capable of standardizing audit operations, centrally managing working papers, and enforcing an audit reporting standard.

I discuss the following topics using a business example that captures a typical audit life cycle based on SAP Audit Management 1.2:

  • Creation of an auditable item
  • Creation of an audit
  • Creation, maintenance, and release of an audit plan
  • Initiation of an audit
  • Preparation and submission of a work program
  • Review and approval of a work program

Kehinde Eseyin

Kehinde Eseyin is a senior SAP security and GRC consultant with Turnkey Consulting (UK) Limited. He has more than eight years of SAP authorizations, GRC, and Basis experience. In the past, he has managed teams to coordinate security, GRC, and Basis administration activities within a multinational environment and operated as an independent consultant, performing SAP system audits and SAP GRC Access Control implementations. He holds a bachelor’s degree in computer science. He has different certifications, including SAP Access Control 10.0 Consultant; SAP Technical Consultant (SAP NetWeaver on Oracle); SAP Solution Manager Operations Consultant; SAP Support Engineer – SAP Solutions Manager; SAP Business One Consultant; Oracle Database Administration Professional (OCP DBA); ITIL v3; and PRINCE2. He is the co-author of SAP BusinessObjects Access Control 10.0 Application Associate Certification [Review Questions and Answers].

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.