SAP Post Implementation Audit – Part 1
SAP Post Implemenation Audit – part 1
Author: Ranjit Simon John
Introduction to Audit in SAP
We all will be familiar with various types of Audit, Financial, Administrative, IS etc.
In the modern corporate world IS auditing is gaining more weight age due to the dependence of Business on IS. Auditing a traditional IT environment was more easy compared to auditing business process where highly complex ERP systems are implemented.
For a company with ERP system, it will be easy to certify the success of ERP implementation based on the KPIs defined. But few years down the line it will be highly difficult to check and analyze whether the system complies with the corporate governance rules.
The objectives of corporate governance are threefold:
. Transparency of information
. Internal control of processes
. Effectiveness of internal controls
The SAP process provides a consistent flow of data and information that enables the information to be controlled more quickly and accurately.
You can also configure additional controls for mySAP ERP Financials.
For example, you can arrange that every posting that exceeds a certain amount is marked and identified accordingly. You can monitor reported financial data and other key figures at any time.
Whenever a critical threshold is reached, you can investigate the cause of the problem.
SAP NetWeaver and SAP ERP offer built-in controls, including:
- Internal system controls
- Configurable controls
- Security controls
- Report control
Criteria for preparing Audit Questionnaire
The audit questions should be framed based on a drill down approach on the business process.
Example: The impact of Financial Accounting on Sales & Distribution business process.
Control Objectives and Risks in the Sales & Distribution Process mentioned above has to be developed;
Define every business process in each business units for identification of Control Objectives and Risks.
In the Sales & Distribution example mentioned the Control Attributes to be checked for Process Step PS2 is shown below;
The Risk associated with each business process control is identified.
Screen Shot of SAP MIC Implemented Tool.
To do basic auditing for the business process in SAP use TBI_REPORTS tool.
Execute ST13 -> Tool Name TBI_REPORTS
All the major business process checks can be checked and analyzed through the tool
Example: TBI report executed for Procurement -> Purchase Orders
For conducting audit through PLMD_AUDIT, check the blog;
SAP Post Implemenation Audit – Part 2