SAP Audit

Safety through Audits.

The complexity of SAP systems is barely controllable with "normal" administration tools.

Defective system settings in an SAP system and "untransparent" authorizations and role concepts can lead to serious breaches of security.

New software components with their own system parameters and authorization concepts increase the risk still more that holes in the system will remain unfilled.

The authorization and role concept is complicated to build by hand, or when it has grown organically - without fail, this leads to too many users working in the system with "high" authorizations and nobody can really supervise their activities.

With experience of more than nine years in the arena of SAP authorizations, Sivis offers a quick, proven and meaningful audit:

• Evaluation of the authorization concept and check of the existing SAP authorizations

 

• Identification of SAP segregation of duty aspects or conflicts (SoD)

 

• Display of SAP compliance requirements according to the Sarbanes Oxley Act (SoX) and the 8. EU-guideline(euroSoX)

 

• Assessment of SAP parameters, e.g. concerning logging, access protection and processes

 

• Evaluation of available documentation.

For the SAP audit, Sivis uses its own system SiAM, specially developed and used many times for this purpose.This system is used by many companies. e.g. Bayer AG, Harman/Becker, T-Systems, Woellner Group among many others. SiAM is certified by SAP and among other things is also used directly by public accountants.