sap audit management and sap license audit
DESCRIPTION
The SAP License Audit Procedure for user license manager analyzes all the users in the system and identifies the amount of time each user spends in the system. From this data, the tool recommends the right type of license classification for each user. The SAP License audit procedure also highlights the users who are not assigned to right license type. The tool models the reclassified user licenses as per the suggestions and highlights the cost savings for the company. The main benefits have come from what he calls ‘software harvesting’ — recovering licenses from users who no longer use an application SAP Audit Procedure for User License Saver Benefits: Gives the company real time access to actual license usage Identifies the most optimal license type Easily changes user license type classification SAP Audit procedure for User License manager will give the company cost savings.TRANSCRIPT
Compliance Designed WellAuditBot
AuditBot Overview• AuditBot provides…• expertise in intelligently identifying and responding to risks that impact SAP
System.
• So that…• organizations can automatically identify, manage and prevent Risks that result
in…– … user having excessive Access– … poor SAP security design– … risk due to security vulnerability– … costly audit findings
• We do this by providing…• a SAP Audit software solution that delivers precise, actionable and auditable
intelligence of control breakdowns across systems, processes and transactions
Automate Compliance
Improve Operations
Reduce Risk & Fraud
What can AuditBot do for you
• Automatically monitors key control points across the organization.
• Identifies, monitors, alerts, tracks control breakdowns.
• Pushes ownership & accountability of controls out to the organization.
• Provides independent layer of quality assurance.
• Ensures data integrity and quality SAP Systems.
Custom object analysis
Monitor 100% of transactions
Fully Automated
4
CFO / Finance
Internal Audit
CIO/IT
Compliance/ Risk
When developing a AuditBot business case it is important to understand what metrics will be used in the final evaluation.
• Reduced risk of adverse audit findings & fraud
• Increased business efficiency
• Improved internal auditor utilization
• Reduced testing time for routine controls
• Reduced IT cost of ownership
• Reduced external consulting fees
• Business benefits of compliance investments
• Reduced time and cost for monitoring controls
ROI from different team perspective
AuditBot will strengthen your
controls and provide better
business visibility.
13
”“
CHALLENGES
• As part of SAP Implementation project, company wanted to reduce segregation of duties (SoD) and sensitive access risks access.
• They want to keep track of their SAP Security posture and monitor regularly
• Manual process to monitor transaction and inactive users
• Clearly documented automated SoD, sensitive access controls, logs monitoring and custom object analysis
• Automation of tracking and alerting functional owner about the access
• Report easily run by Internal Auditor without support from IT, enables the IA validate compliance with company policies
RESULTS
Typical SAP System, with 2000 Users
14
• “Now we have all the sensitive transactions tracked and automated the user locking procedure”
• “Custom objects are now tracked and the Security posture intact”
Reduced Risk
Greater Assurance
Improved Productivity
• “There are no more audit surprises anymore. We have had no audit findings related to SOD or sensitive access since we implemented AuditBot.”
• “Now the sensitive access is tracked and user access data can analyzed quickly from one location.”
• “Now the internal audit team can track the security vulnerabilities and prevent any audit violations.”
RESULTS
15
• “All the audit programs are written in ABAP Program”
• “All the audit logs are gathered and recorded into custom table for unlimited use
ABAP Based
No New Hardware
Quick Implementation
• “Solution can be deployed in SAP System on the exiting hardware.”
• Existing company resource can support the product
• “Solution can be implement Quickly some time even within one day.”
• “Training the internal audit team is quick as the report are one click execution.”
Architecture