Auditing and GRC Automation in SAP

Author: Maxim Chuprunov

Publisher: Springer Science & Business Media

ISBN: 3642353029

Category: Computers

Page: 525

View: 7271


Over the last few years, financial statement scandals, cases of fraud and corruption, data protection violations, and other legal violations have led to numerous liability cases, damages claims, and losses of reputation. As a reaction to these developments, several regulations have been issued: Corporate Governance, the Sarbanes-Oxley Act, IFRS, Basel II and III, Solvency II and BilMoG, to name just a few. In this book, compliance is understood as the process, mapped not only in an internal control system, that is intended to guarantee conformity with legal requirements but also with internal policies and enterprise objectives (in particular, efficiency and profitability). The current literature primarily confines itself to mapping controls in SAP ERP and auditing SAP systems. Maxim Chuprunov not only addresses this subject but extends the aim of internal controls from legal compliance to include efficiency and profitability and then well beyond, because a basic understanding of the processes involved in IT-supported compliance management processes are not delivered along with the software. Starting with the requirements for compliance (Part I), he not only answers compliance-relevant questions in the form of an audit guide for an SAP ERP system and in the form of risks and control descriptions (Part II), but also shows how to automate the compliance management process based on SAP GRC (Part III). He thus addresses the current need for solutions for implementing an integrated GRC system in an organization, especially focusing on the continuous control monitoring topics. Maxim Chuprunov mainly targets compliance experts, auditors, SAP project managers and consultants responsible for GRC products as readers for his book. They will find indispensable information for their daily work from the first to the last page. In addition, MBA, management information system students as well as senior managers like CIOs and CFOs will find a wealth of valuable information on compliance in the SAP ERP environment, on GRC in general and its implementation in particular.

Cross-Enterprise Integration with Sap Grc Access Control

Author: Raj Behera

Publisher: SAP PRESS

ISBN: 9781592292509


Page: 138

View: 2799


This book provides cross-enterprise configuration instructions and best practices for SAP GRC Access Control implementations in companies with multi-system architectures. The author provides the implementation strategies, configuration steps, and best practices necessary to implement and manage a global access control, risk remediation, and compliance framework across a multi-system landscape, including non-SAP and legacy systems. Readers discover how to use Offline Risk Analysis, Real Time Analysis, and Management Update Report to manage risk analysis across the enterprise and quickly come to understand how to build and manage a rule matrix for a multi-system enterprise using the Real Time Agent (RTA), as well as the functional use of the Rule Architect. Plus, learn how to configure AC for use with the most common non-SAP systems such as Oracle, PeopleSoft, JDEdwards, and others. You'll find out how best to determine the setup of cross-enterprise mitigation controls and alternative controls to mitigate risk as well as how to educate management about conflicts approval and monitoring. Finally, the author shows you how you can develop and execute a plan for Continuous Compliance using best practices for simulation, monitoring, and control.

Explaining a SAP® GRC ARA/RAR SOD

Defining the Rule Set Stake Holders

Author: N.A

Publisher: LTR Design, LLC


Category: Technology & Engineering

Page: 3

View: 6197


The purpose of this article is to assist you in establishing policies around creating and maintaining your companies SAP® GRC ARA/RAR rule set. Additionally this article will give guidance to identifying the necessary departments and their roles for a successful SAP® GRC ARA/RAR implementation. To accomplish this you will need to focus on the rule set management by engaging your companies SAP® GRC ARA/RAR stake holders and defining change management policy. By the end of this article you will be able to establish SAP® GRC ARA/RAR stake holders and establish policies around your SAP® GRC ARA/RAR rule set.

Cloud Computing

Author: Sandeep Bhowmik

Publisher: Cambridge University Press

ISBN: 1316638103

Category: Computers

Page: 435

View: 2460


Written in a tutorial style, this comprehensive guide follows a structured approach explaining cloud techniques, models and platforms. Popular cloud services such as Amazon, Google and Microsoft Azure are explained in the text. The security risks and challenges of cloud computing are discussed in detail with useful examples. Emerging trends including mobile cloud computing and internet of things are discussed in the book for the benefit of the readers. Numerous review questions, multiple choice exercises and case studies facilitate enhanced understanding. This textbook is ideal for undergraduate and graduate students of computer science engineering, and information technology.

SAP GRC For Dummies

Author: Denise Vu Broady,Holly A. Roland

Publisher: John Wiley & Sons

ISBN: 9781118052594

Category: Computers

Page: 342

View: 6496


Governance, risk, and compliance—these three big letters can add up to one giant headache. But GRC doesn't have to be a boil on your corporate behind. SAP GRC For Dummies untangles the web of regulations that confronts your company and introduces you to software solutions the not only keep you in compliance, but also make your whole enterprise stronger. This completely practical guide starts with a big-picture look and GRC and explains how it can help your organization grow. You'll find out why these regulations were enacted; what you can do to ensure compliance; and how compliance can help you prevent fraud, bolster your corporate image, and envision and execute the best possible corporate strategy. This all-business handbook will help you: Understand the impact of Sarbanes-Oxley Control access effectively Color your company a greener shade of green Source or sell goods internationally Keep your employees safe and healthy Ensure that data is kept secret and private Manage information flow in all directions Enhance your public image through sustainability reporting Use GRC as the basis for a powerful new corporate strategy Complete with enlightening lists of best practices for successful GRC implementation and conducting global trade, this book also puts you in touch with thought leadership Web sights where you can deepen your understanding of GRC-based business strategies. You can't avoid dealing with GRC, but you can make the most of it with a little help from SAP GRC For Dummies.

SAP Basis Administration Handbook, NetWeaver Edition

Author: Ranjit Mereddy

Publisher: McGraw Hill Professional

ISBN: 0071663487

Category: Computers

Page: 512

View: 573


Implement a powerful end-to-end SAP administration solution Get peak performance from your SAP ERP infrastructure using the detailed implementation, maintenance, and support information in this comprehensive resource. SAP Basis Administration Handbook, NetWeaver Edition delivers integrated management strategies covering both ABAP and Java stacks. Discover how to deploy components, accurately size throughout, configure Oracle databases, back up your system, and repair performance problems. Career trends, certification requirements, and marketable SAP Basis skills are also discussed in this practical guide. Essential Skills for SAP Professionals: Plan, prepare, and install SAP NetWeaver Application Server Set up, configure, and troubleshoot Java and ABAP stacks Establish server infrastructure and efficiently balance workloads Incorporate transport management and software logistics Resolve performance issues and startup problems Access SAP support infrastructure through SAP Service Marketplace Manage and back up Oracle databases using BR*TOOLS Perform system copies, stack upgrades, and OS/DB migrations