Enterprise Resource Planning Blogs by Members
Gain new perspectives and knowledge about enterprise resource planning in blog posts from community members. Share your own comments and ERP insights today!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP System Audit - Post Implementation Audit

former_member183818
Contributor
‎07-10-2012 9:22 AM
SAP System Audit - Post Implementation Audit - Part 1
Author: Ranjit Simon John
One of the main challange faced by companies that has implemented SAP ERP (any ERP) will be to get a clear understanding of the current ERP system. Two or three years after implementation what will be status of the system.
The main areas of focus will be;
- Whether all the management controls are working fine
- Whether all the postings are being done as per accounting standards
- Whether proper documentation is being maintained
- Whether critical business related activites are done accurately etc.
A lot of practical difficulties arise in doing a ERP post implementation audit. Main challange is to frame the right set of questions and how to obtain answers for those. From my experience and research, I have prepared a question list of more than 500 questions both from the functional and technical side, which drill downs to the minutest level providing all the necessary data required for the audit.
SAP has provided a very powerful framework in the standard ERP package for conducting Audits, evaluvating them and taking corrective actions.
In this article I will explain how to set up the audit components, prepare audit and question list in SAP. Before starting the Audit user must have a clear understanding on the end result to be achieved from the audit.
User should have answer for the following questions before starting the Audit procedure;
  1. Kindl of Audit to be Conducted (Technical or Functional)
  2. Number of questions for the Audit
  3. Structure of list of Questions (Question drill down level)
  4. Valuation type of Questions
  5. Question Priorites
  6. What kind of Audit Controls to be implemented
  7. Audit purpose
  8. Audit Type
  9. Kind of rating for the questions
First we need to do few configuration changes to tune the audit as per our requirement.
Execute transaction SPRO --> SAP reference IMG --> Cross-Application Components --> Audit Management
Audit Management is diveded into four categories.
Figure 1.0
For setting structure list of questions;
Figure 2.0
Create what kind of Question Profile is required. I have created "Part-Sub Part-Element-Sub Element-Sub Qu" for the Audit purpose.
Figure 3.0
Once the question profile is created you have to create the drill down level for the profile. Below attached is the pictorial representation of the drill down level for questions I created.
Figure 4.0
Figure 5.0
Similarly you can create  drill down level according to your requirement. After defining the question hirerachy you have to specify the Valuation Specification and the scores to be awared for each value.
Figure 6.0
I have created valuation 8003 Valuation of PRD system. By selecting the created valuation profile double click on the "valuation" icon on the right side. There we need to set the details of valuation and the scores we intend to provide for each.
Figure 7.0
After valuation profile is entered enter question priority.
Figure 8.0
Audit control / Audit Definition requirements has to be configured.
Figure 9.0
Now all the configuration related to conducting the Audit has been configured. Now we have to create Audit, Audit Plan, Question List.
Following are the main objects used for the Audit;
1) Audit Plan
  
The audit plan consists of all audits planned for a particular period of time. For example, all audits that are to be executed in the space of one year are defined in an annual audit plan. There is always only one current version of an audit plan, where all date shifts and the degree of completion for the individual audits can be found.
2) Audit
  
An audit, according to DIN EN ISO 9000, is a systematic, independent, and documented process used to obtain audit results and to evaluate these results objectively in order to determine to what extent the criteria of the audit have been fulfilled. 
3) Question List
Question lists are multilingual collections of questions that are answered during the execution of the audit . The allowed valuation can be planned for each hierarchy level.
4) Corrective Actions
These are actions that are deemed necessary to eliminate the cause of errors that were determined during the audit and to prevent the recursion of these errors. The corrective actions to be executed must be appropriate to the effects that the particular error has on the product.
5) Preventive Actions
These are actions that are deemed necessary to eliminate the causes of possible errors before they occur. The preventive actions to be executed must be appropriate to the effects that the possible error could have on the product.
 
An audit, according to DIN EN ISO 9000, is a systematic, independent, and documented process used to obtain audit results and to evaluate these results objectively in order to determine to what extent the criteria of the audit have been fulfilled.
Execute transaction PLMD_AUDIT, first create the question list required for the audit with the components newly configured.
Figure 10.0
For example purpose I have created questions up to 15 drill down level
Figure 11.0
Attaching one real scenario from my Audit question list.
Figure 12.0
Once the question list has been created, you have to release the question list.
Figure 13.0
Figure 14.0
Once the question list is attached to the audit we need to evaluate the questions. Evaluvations will be based on the configuration done in SPRO.
Evaluvation:
Execute transaction PLM_AUDITMONITOR. Select the required fields and execute.
Figure 15.0
Select the required audit. Clisk on the Ovierview button. Clik the Validate button for valuation.
Figure 16.0
The main success factor for any audit depends on the questions used for the audit. Let me add few of the topics under which I have prepared the question list.
The main topics are;
  • System Overview
  • Security & Access Protection
  • Workbench Organizer
  • Transport System
  • Accessing and Logging DB Tables
  • Job Request Procedure
  • Documentations
  • System Logs
  • Batch Input Interface
  • Master Data Changes
  • Reconciling Posting Data Closing
  • Invoice Checking and Posting Run
  • Business Process Auditing
  • BASIS Audit
Once the audit question list is created / uploaded to SAP\, user must create a sample set of check list to be submitted to the client. The Check list should contain;
* All the documents that client has to Submit
* All the questions client has to answer.
Every company should run the audit at least twice a year to ensure that the system is working perfectly, no manipulations are done, to ensure 100% management control over the system ther by over the employees.
Also refer;
ranjit.john
16 Comments
Labels in this area
Popular Blog Posts