View CartView Cart

QuestionsContact Us

Audit Programs

Table of Contents:

This audit program for SAP contains 46 tests. The control framework has been specifically designed to help evaluate the adequacy and the effectiveness of the key configuration settings and access restriction mechanisms to a variety of sensitive basis transactions in SAP R/3, including:

SAP audit plan and testing guidelines to assess batch job and background session processing and administration functions in SAP R/3:
  • Batch scheduling and batch processing authorizations in SAP R/3
  • Ability to delete jobs of other users
  • Ability to administer background sessions in SAP R/3
  • Ability to schedule jobs under different user IDs
  • Access to the batch input management functionality in SAP R/3
  • Monitoring procedures to identify processing errors and/or issues & much more.

Guidance on a
uditing end-user authorization and administration functions in SAP R/3:
  • Access to maintain roles, authorizations and authorization profiles
  • Access to maintain the assignment of the authorization objects to transactions
  • User master record maintenance in SAP R/3
  • Access to assign roles or profiles to users
  • Controls to ensure access to the SAP R/3 system is authorized by management
  • Controls to ensure access to the SAP R/3 is disabled for employees who no longer require such access, etc.

Guidance on a
uditing safeguards against unauthorized access to or modifications of programs and data:
  • Access to edit and execute programs online and in the background
  • Access to modify table content in SAP R/3, including critical systems tables or security tables and client-independent tables
  • Access to maintain SAP R/3 Data Dictionary 
  • Security of the custom tables, custom programs, and custom transactions, etc.

Guidance on a
uditing implementation and administration of the system configuration & security settings:
  • Access to maintain/configure application server parameters
  • User access to maintain instances
  • Configuration of the SAP R/3 password parameters
  • Security of the vendor supplied user IDs
  • Access restriction to the powerful SAP R/3 profiles
  • Locking critical and sensitive transaction codes
  • Security of the remote access to/from the system, including interface communications, etc.

SAP audit guidance on a
uditing change management and control:
  • System configuration to enforce appropriate change management process to prevent changes made directly in production 
  • Ensuring that SAP R/3 system landscape supports separation of production environment from development environment
  • Access policies over transports
  • Security of the developer keys
  • Controls to ensure that access to develop programs is not allocated in production and more.

Everything has been conveniently pre-documented with fill-in fields for company-specific information (entity name, date, data extracted from the system, etc.) which will allow you to proceed with your assessment immediately.

Please view an excerpt from the audit program to ensure it's right for you.

Price: $50.00 (Instant Download)

Add to Cart
View Cart