Drive Risk-Based Auditing in the SAP Audit Management System

  • by Kehinde Eseyin, Security Architect
  • July 11, 2016
Learn how to configure SAP Audit Management to harness the benefits of risk-based auditing while integrating the system with SAP Process Control and SAP Risk Management.
Learning Objectives

Reading this article, you will learn:

  • The main configuration settings to get your SAP Audit Management system up and running
  • Tips and tricks to help you avoid errors during the customization of the product
  • How to easily import master data from SAP Process Control and SAP Risk Management into SAP Audit Management
Key Concept

SAP Audit Management is part of SAP Assurance and Compliance Software (powered by SAP HANA) that provides enterprises with an end-to-end audit management solution. The product is designed to help audit departments build audit plans, prepare audits, analyze relevant information, document results, form an audit opinion, communicate results, and follow up. A risk-based approach to audit planning and execution helps the internal audit department focus on risks that are critical to the enterprise.

SAP Audit Management enables organizations to standardize audit practices by enforcing process control in audit documentation, reporting, and test procedures. It controls the routing of working papers with workflow capability. This is designed to bring process efficiency to the internal audit department.

You can access the audit system via the back end and the Fiori-based front end. I focus on the configuration in the back end (accessed via SAP GUI) which invariably drives the operational activities performed in the front end. The system administrator typically logs on to the back-end system to set up audit management customization settings, which form the basis for the use of the system by the audit team. The front end represents the interface for end users of the system to perform day-to-day internal audit functions.

Kehinde Eseyin

Kehinde Eseyin is a security architect. He holds a bachelor’s degree in computer science. He has about 12 years of IT security, governance framework, IS risk, and compliance experience gained by working in numerous global organizations. Over the years, he has demonstrated competencies in security design, information assurance, cyber security, data privacy, threat and vulnerability management, penetration testing, business architecture, project management, IT audit, IS controls framework, and identity and access management.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.