User:BuzimoVuzadi

From LVSKB
Jump to: navigation, search

Implementation of an SAP system involves changing to a highly integrated environment, which can be complex to implement. This happens because SAP System integrates multiple business processes. It may also require significant adjustments to existing business processes and might also require that you realign your organization. These changes therefore do not just impact the data technology organization and controls, but in addition primary business processes and the organization itself. However, the reliability and continuity of business processes and the establishment of management information isn't assured by implementing SAP software alone. During the project, adequate attention also needs to be paid for the business benefits how the new system can deliver and it is effect on controls. The primary goal from the company ought to be never to tolerate any SAP risk within the system. This implies no risks inside the systems. This rule can only be effectively enforced if the upper management is in agreement with the SAP IT Audit team and result in the rest in the organization aware that SAP IT Compliance may be the number one priority. The company does not comprehend the purpose and make use of from the product. Whenever a SAP IT Audit compliance option is purchased, the IT department and the internal audit department should concur around the current pain points which needs to get addressed and determine if the SAP IT Audit software can resolve this problem. Before implementing the SAP IT Audit Solution all of the teams which will likely be affected due the brand new process needs to be consulted and really should be associated with approval process One from the key areas that could trip the SAP IT Audit solutions is not having an air tight change management process to your user access and alter management. Without the strong change management all of the SAP Audit compliance will be out your window. More over there needs to be combined ownership of the SAP Security roles with the process owners and SAP IT audit team Poor configuration also is a major problem. This could be due to two aspects, one if the business does not want to implement certain elements of SAP IT Audit automation solution and the opposite is, if the one that is configuring the machine does comprehend the functionality of the product. The Internal audit team should assume responsibilty for enforcing the process. In the big event the Internal audit team is not involved, changes could possibly be moved in the system without approval. This can introduce SAP Risk in the system and will invalidate the SAP IT Audit compliance achieved with large amount of effort from numerous teams. One from the prime avenues how a SAP Risk might be introduced in the SAP System is thru changes for the access on the user or role without approval from every one of the teams involved. So any changes should be closely monitored for keeping the firms SAP IT Audit compliance intact. Reference

Retrieved from "http://kb.linuxvirtualserver.org/wiki?title=User:BuzimoVuzadi&oldid=16858"