Table of Contents:

This SAP audit program contains 72 tests designed to evaluate the effectiveness of the key configuration settings, monitoring techniques and access restriction mechanisms to sensitive transactions in the SAP ECC. The control framework covers the following components of the procurement/expenditures business process:

Purchasing
Audit program and testing procedures to ensure validity and accuracy of purchase orders and other purchasing documents in SAP ECC:

• System access to create/maintain purchase requisitions, purchase orders & outline agreements
• Controls to ensure purchase of materials is restricted to allowable vendors
• Release procedures for purchase requisitions, purchase orders and contracts
• Check for POs that did not require release (bypassed approval requirements)
• Users with access to release purchase requisitions, purchase orders & outline agreements
• Effectiveness of the available online edits that help avoid errors in purchasing documents
• Configuration that blocks changes to sensitive data after the documents have been posted
• Assessment of whether the tolerance limits for price variance have been appropriately configured

Processing Accounts Payable
Audit program and test steps to ensure that the amounts posted to the A/P are accurately accurately calculated, recorded and processed in SAP and represent valid goods/services received:

• Access to create/maintain credit memos and invoices without PO or goods receipt as support
• Effectiveness of the configuration settings to flag potential duplicate invoices
• GR-based invoice verification providing a 3-way match of the PO, goods receipt & invoice values
• Test for available methods to bypass/circumvent the three-way match configuration
• Configuration of the tolerance limits for invoice verification
• Access to maintain the exchange rate table, rounding rules for currencies, translation ratios
• Management of the Goods Received / Invoice Received (GR/IR) suspense account
• Management of the vendor pricing info records, access to maintain info records and conditions
• Logistics Invoice Verification processes (access to enter/process invoices, credit memos,etc.)

Processing Disbursements
Audit plan and testing procedures to ensure that disbursements in SAP are made for goods/ services received, accurately calculated, recorded, and distributed to the appropriate suppliers, etc.:

• Configuration of the payment programs and access to make the payments using automatic payment programs (create and maintain payment proposals and post outgoing payments)
• Access to make the payments using manual outgoing payment option
• Check to ensure "alternate payee" & "one-time vendor" functionalities are restricted/monitored

Maintaining Supplier and/or Vendor Master Files
Audit plan and testing procedures to ensure validity, accuracy, and timeliness of changes to the vendor master files in SAP ECC:

• Access to maintain vendor master records
• Validity of changes to the vendor master data
• Maintaining ongoing accuracy of vendor information

Segregation of Duties
Audit guidance and testing procedures to ensure employee responsibilities are separated in such a way that the opportunity to commit fraud within procurement to payment business process (i.e., process fictitious purchase orders, etc.) in SAP ECC is not available or adequately mitigated.

Everything has been conveniently pre-documented with fill-in fields for company-specific information which will allow you to proceed with your assessment immediately.

Please view an excerpt from the audit program to ensure it's right for you.

Price: $80.00 (Instant Download)