Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: SAP GRC Continuous Controls Monitoring

05/31/07

Permalink 06:31:00 am, Categories: SAP R/3, SAP FICO, 223 words   English (US)

SAP GRC Continuous Controls Monitoring

Yesterday, I talked about SAP's GRC initiative and how it is useful to company's in their governance risk and compliance efforts. SAP GRC process controls helps in strengthening controls by continuously monitoring them. Most SOX directors agree that compliance needs to be a continuous process i.e. identifying fraud, process gaps, risks needs to be inbuilt within the entire application framework.

To enable this, SAP GRC monitors master data and also configuration setups within the various SAP modules like FICO, SD, MM, PP, PS and points out specific transaction entries which could potentially pose a risk. This sort of automated monitoring based on data rules is very useful as it can reduce the manual checking effort to a minimum. SAP GRC can be leveraged so that internal auditors can only focus on high risk and high impact transactions. To take an example, in the purchase to pay process, SAP GRC can be used to monitor vendor payments for duplicacy. Similarly, duplicate vendors and how cash position is affected after each payment can also be followed. All such functionalities in SAP GRC application suite can give a strong level of comfort to the statutory auditor in assessing the financial statements and forming an opinion.

Related Posts

SAP R/3 System Landscape
SAP R/3 Installation Guide
Manual Authorization Roles in SAP R/3
SAP System Administration Concepts

Permalink Leave a comment

Comments:

No Comments for this post yet...

Official Websites

Categories


Archives

  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • SAP Solution Configuration Realization Phase
  • SAP MDM Master Data Import Manager Loading Data into SAP MDM
  • Compliance Calibrator SOD Conflicts Remediation Strategy
  • SAP Workload Analysis Monitor Tools ST03N
  • SAP BW Data Staging Basics Tutorial
  • How to Implement BW Infoobject Level Security
  • SAP BW Admnistrator Authorizations S_RS_ADMWB
  • BIW Reporting Auth Objects S_RS_COMP
  • SAP BW Security Authorization Objects for SAP BW
  • more...

    • Search

    Google

    Web Big4Guy.com

    September 2008
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
    1 2 3 4 5 6 7
    8 9 10 11 12 13 14
    15 16 17 18 19 20 21
    22 23 24 25 26 27 28
    29 30          

    Misc

    Syndicate this blog XML

    What is RSS?