Prepare for an Audit of Your SAP Systems: What You Need to Ensure a Successful Result
- by Steve Biskie, Managing Director, High Water Advisors
- March 26, 2010
Learn the fundamentals about auditors and the audit process. See the primary categories of an SAP audit, and tips on some of the more problematic areas within one of these categories — the general computer controls audit.
General computer controls (GCC) reflect a set of IT management, infrastructure, and process controls you should put in place for system effectiveness. They concern broad issues such as business continuity, troubleshooting, and support.
Everybody hates an audit. An audit of a company’s SAP systems can distract employees from their operational responsibilities, create an environment of conflict, and result in configuration changes, consuming precious time and resources. Worse, some audit findings may require costly rework — with issues becoming increasingly difficult to correct the longer they go undetected. While guidance exists for auditors who review SAP systems, little guidance exists for those being audited. Audit findings are common; unfortunately, many could be avoided if employees were better prepared for the audit itself.
See an overview of how auditors approach an SAP audit, discuss typical audit techniques, describe the common elements required for a well-controlled SAP infrastructure, and set the foundation for ensuring success in any type of SAP audit.
Would you like to see this full item?