Ensure Success in Your Next SAP Audit with Standard Audit Features

  • by Darshan Shah, Platinum Solutions Consultant, itelligence Consulting
  • April 21, 2010
Conduct technical assurance audits using robust features within your existing SAP ERP implementation. Discover undocumented tips for leveraging key reports and controls to gain transparency and the necessary evidence trail to perform rigorous system and business process audits.
Key Concept
SAP’s standard and improved role-based audit approach makes auditors lives easier and relieves them from many hassles related to security and access for auditing appropriate areas in SAP systems. The standard approach also enforces best practices with segregation within audit and security teams and other customization using the role-based approach.

Before SAP R/3 4.6C, auditing in SAP systems was transaction based with some configuration processes. To make it easier for the auditors, the audit feature now is role based, with individual roles assigned to a user master record. It is important to use the standard feature of SAP because it needs no investment and gives you a standardized audit structure. We’ll go over the role-based audit features in SAP ERP Central Component (SAP ECC) 6.0 and some related configuration.

SAP Audit Feature Overview and Configuration

The SAP audit feature (formerly referred to as Audit Information System [AIS]) improves audit quality and rationalizes audit methods. It consists of the audit report tree, which helps with one of the biggest issues facing SAP GRC professionals: Where do you find audit-relevant information? The SAP audit feature includes SAP standard programs that help with:

  • Information retrieval using existing SAP programs
  • Preconfigured reports to know who has access to critical transactions
  • Standards/checklist for auditing to customize their audit programs

Figure 1 gives a visual overview of the audit feature with authorizations in the back end to provide access to key audit reports. The reports are populated in the menu tree by functional area (e.g., business, system audit) and the online reports cover the system information, reconciliation, balance sheet, and accounts. The data export functionality helps to interface with external audit reporting software, especially SAP BusinessObjects GRC solutions.

Darshan Shah

Darshan Shah is a platinum solutions consultant with itelligence Consulting. itelligence is a leading global mid-market SAP provider that offers a full scope of SAP services, including SAP consulting, licensing, managed hosting, customer support, and education. It is one of only 12 consulting firms to earn SAP Global Partner status and one of only six to earn SAP Global Hosting Partner status. With an MBA degree in finance, Darshan has managed and implemented several SAP projects over the last nine years in North America and Asia. He has extensive experience in designing and implementing solutions in conjunction with SAP. He is skilled in helping clients to make strategic decisions for overall ERP implementations.

See more by this author


Comments

No comments have been submitted on this article. 


Please log in to post a comment.

To learn more about subscription access to premium content, click here.