Sample SAP Security Audit Project
Overview
We were engaged by the nation’s largest propane company to audit of the effectiveness of implemented controls within the security environment. Our procedures included testing change management, critical interfaces, security policies and procedures, password security, system profiles and security parameters, super user access privileges and the user provisioning process throughout SAP. In addition, we inspected sensitive and Basis administration transactions.
Outcome
Based on the findings and observations noted during the audit, the company was able to successfully remediate any control deficiencies prior to audit procedures performed by their external auditors.
Sample SAP Security Administration Support Project
Overview
In support for a global implementation of SAP security, we were engaged to help design a methodology which allowed the organization to assign access privileges to users based on their job responsibilities and in accordance with compliance requirements such as segregation of duties. This methodology included configuring base roles (master roles) which were then derived based on restricting an end users access privileges to various location specifications. The project team then configured job title roles (composite roles) which represented an individual’s job specific responsibilities. These roles were assigned to the users at “Go Live” based on their define job titles and functions. In addition, we leveraged our role design accelerators to induce efficiencies throughout the project.
Outcome
The Company met their compliance initiatives and enjoy a role design which is free from segregation of duties and structured in a manner that facilitates assignment by job responsibilities.
SAP® is a registered trademark of SAP AG.
