View CartView Cart
QuestionsContact Us

Expenditure (Procurement) Business Cycle - Audit Program & Testing Procedures for SAP ECC



This audit program is designed to help audit, risk and security professionals assess the Expenditure (Procurement) business process in SAP ERP Central Component known as SAP ECC. This audit program will help you identify any inherent risks, minimize exposure to such risks, ensure that necessary controls are in place and operate effectively, and ascertain reliability of the procurement process in SAP ERP.

This audit program is based on the latest auditing standards. It contains a comprehensive listing of control objectives and recommended controls to meet the objectives. It also contains detailed testing procedures, rather than generic descriptions of the controls. You'll receive step-by-step instructions on extracting the configurable options, user access and other reports from the system in support of individual control activities. The purpose of the testing instructions is to enable anyone to execute the tests in the SAP environment.

*NOTE* See below for more details. Also, use the "preview" icon below to view a part of the audit program to ensure it's right for you.

Audit Programs

Preview SAP Expenditure Audit ProgramTable of Contents:

The audit program contains 72 tests designed to evaluate the effectiveness of the key configuration settings, monitoring techniques and access restriction mechanisms to sensitive transactions in the SAP ECC. The audit program covers the following sub-processes in procurement:

Purchasing
Audit plan and testing procedures to ensure that only valid purchasing are entered into the system and that purchasing documents are entered accurately:
  • System access to create/maintain purchase requisitions, purchase orders & outline agreements
  • Controls to ensure purchase of materials is restricted to allowable vendors
  • Release procedures for purchase requisitions, purchase orders and contracts
  • Check for POs that did not require release (bypassed approval requirements)
  • Users with access to release purchase requisitions, purchase orders & outline agreements
  • Effectiveness of the available online edits that help avoid errors in purchasing documents
  • Configuration that blocks changes to sensitive data after the documents have been posted
  • Assessment of whether the tolerance limits for price variance have been appropriately configured
Processing Accounts Payable
Audit plan and testing procedures to ensure that the amounts posted to the A/P are accurately accurately calculated, recorded and processed and represent valid goods/services received:
  • Access to create/maintain credit memos and invoices without PO or goods receipt as support
  • Effectiveness of the configuration settings to flag potential duplicate invoices
  • GR-based invoice verification providing a 3-way match of the PO, goods receipt & invoice values
  • Test for available methods to bypass/circumvent the three-way match configuration
  • Configuration of the tolerance limits for invoice verification
  • Access to maintain the exchange rate table, rounding rules for currencies, translation ratios
  • Management of the Goods Received / Invoice Received (GR/IR) suspense account
  • Management of the vendor pricing info records, access to maintain info records and conditions
  • Logistics Invoice Verification processes (access to enter/process invoices, credit memos,etc.)
Processing Disbursements
Audit plan and testing procedures to ensure that disbursements are only made for goods/ services received, accurately calculated, recorded, and distributed to the appropriate suppliers, etc.:
  • Configuration of the payment programs and access to make the payments using automatic payment programs (create and maintain payment proposals and post outgoing payments)
  • Access to make the payments using manual outgoing payment option
  • Check to ensure "alternate payee" & "one-time vendor" functionalities are restricted/monitored
Maintaining Supplier and/or Vendor Master Files
Audit plan and testing procedures to ensure the validity, accuracy, and timeliness of changes to the vendor master files (users with access to maintain vendor master records, etc.)
Segregation of Duties
Controls to ensure employee responsibilities are separated in such a way that the opportunity to commit fraud within SAP ECC expenditure functions is not available.

Please click here to view a part of the audit program to ensure it's right for you.


Price: $70.00 (Instant Download)



Add to Cart
View Cart

© Copyright 2009-2012. All rights reserved.
None of the publications may be reproduced or transmitted in any form or by any means or for any purpose. Materials may be used for private study only, without warranty of any kind.