SAP Audits and Controls

Schneider Downs has the SAP ECC, SAP S/4HANA, and SAP GRC expertise to assist organizations to identify their SAP key controls and to partner with organizations in their on-going control and audit compliance requirements.  Organizations use our services in every part of their SAP maturity journey, including guiding companies with controls requirements during the implementation process, post-implementation and segregation of duties reviews, annual audits and SAP health checks and testing.  Our professionals are well versed in the entire SAP environment and multiple SAP versions.  Our services include extracting data from SAP tables for data analysis, ITGC testing including SAP security and SAP transport management, SAP application controls within the IMG, auditing supporting operating systems, SAP GRC solutions, and SAP ancillary/bolt-on applications.  We serve clients that range from mid-size to large as well as international companies.

SAP services that we offer include:

  • Outsourcing and co-sourcing of SAP audits
  • Reviewing key deliverables of SAP projects (e.g., evaluating the project plan, participation in periodic status meetings with the project team, reviewing key controls and security, and other key deliverables, etc)
  • Assist in documenting SAP business and IT (ITGC and application) controls
  • Assess Security and Controls Strategy
  • Develop audit programs and testing instructions for the Security/Controls/Internal Audit Teams
  • Conduct SAP audit training
  • Evaluate SAP security roles
  • Evaluate the design and testing effectiveness of SAP key controls within a controls framework 
  • Conduct SAP post-implementation review, ITGC, automated control, and business process audits  
  • Evaluate the Segregation of Duties (SOD) Rule Set, sensitive transactions, emergency request process, and the SAP transport change process
  • Assist in customizing the SOD Rule Set and sensitive transactions

For each service, Schneider Downs uses a top-down, risk based approach that fits the organization size, culture, and requirements.  We will work collaboratively with management on the scope and testing approach.  Our approach includes periodically communicating status, issues, and providing a report with recommendations to strengthen the SAP controls environment.

 

our thoughts on

Ransomware Still a Growing Problem for Organizations of All Sizes

While the concept of malware-based extortion has remained relatively unchanged since the first documented occurrence in 1989, attackers have spent the

read more >

Application to Receive Funding for On-Road and Class 8 Fleet Vehicle Projects in Pennsylvania Now Available!

As you know from our previous articles (Volkswagen Environmental Mitigation Trust Fund), Volkswagen is obligated to fund various environmental trusts for

read more >

Financial Fitness: Setting SMART Goals

This article was originally published in Wedgewood Life magazine and is reprinted with their permission. Happy New Year! As the calendar flips and a New

read more >

Good News Regarding Excess Business Losses For Your Pass-Through Construction Business

If you own a construction business, you know all too well that one or more bad contracts can make or break the financial results for the year. If you were

read more >

Financial Fitness - Are my personal finances on the right track?

This article was originally published in Wedgewood Life magazine and is reprinted with their permission. This is a frequently asked question by my clients

read more >

Defining UBIA for Oil and Gas Producers

One of the most impactful changes resulting from 2017’s Tax Cuts and Jobs Act was the introduction of the deduction for qualified business income

read more >

Effective Dividends to Receive a 100% Deduction under New Proposed Treasury Regulations

It should come as no surprise that taxpayers seek to minimize tax liability and maximize tax benefit. One way to achieve that result is for taxpayers to

read more >

Part Four in a Series: Managing Risks of Technologies Emerging as Business Opportunities: Robotic Process Automation

Are you tired of sending the same email every week? How about searching for information from past audit documents? Lucky for you, a resolution for these

read more >

Is Compiling Your 2018 1040 Documents Painful? Sign up for TaxCaddy with Schneider Downs to Reduce Your Tax Compliance Burden

Tax simplification has arrived! Schneider Downs is proud to introduce TaxCaddy, for our individual tax clients. TaxCaddy is a safe and secure software

read more >

Revenue Recognition Standard finally effective for nonpublic companies. Are you ready or still in denial?

I was just there for the massage. I had no knowledge of any hush payments. It’s all about respect in the locker room. The adoption of ASC Topic 606,

read more >

International Tax Update: OECD Releases Latest Edition of Model Tax Convention

On April 25, the Organisation for Economic Co-operation and Development (OECD) formally released the tenth edition of its Model Tax Convention on Income

read more >

I Want Mine - Social Security Simplified

I have this love/hate relationship with social media. In late April, when The 2019 Social Security and Medicare Trustees Reports were published, the key

read more >

Manufacturing's Workforce Crisis

According to the National Association of Manufacturers' latest Outlook Survey, 90% of manufacturers are optimistic about their company's future.

read more >

Proposed Accounting Standard Update Would Delay Private Company Effective Dates for Leases, Current Expected Credit Losses (CECL) and Hedging Updates by One Year

On July 17, 2019, the Financial Accounting Standards Board (FASB) voted unanimously to move forward with delaying the effective start date for recent accounting

read more >

ACFE releases Anti-Fraud Technology Benchmarking Report

With the advancement of technology over the years, the avenues for fraud perpetration, protection and detection have multiplied. In an effort to gain a

read more >

Capital One Data Breach Exposes 100 Million Records to Seattle Hacker

Barely a week after the Equifax data breach was settled for nearly $650 million dollars, there appears to be news of an almost equally large mega-breach

read more >

#1 Mobile App Garners Concerns Over Data Privacy

If you haven't already downloaded FaceApp, you have probably either heard of it or witnessed your Facebook turn from an office party to a nursing home

read more >

Department of Labor Announces Rule to Strengthen Retirement Security for Millions Employed in Small and Mid-Sized Businesses

Citing a 2018 report by the U.S. Bureau of Labor Statistics that approximately 38 million private sector employees in the United States lack access to

read more >

Questions to Ask Before Ransomware Hits Your Business

In the past, a ransomware attack would target a single computer and ask the victim for $500. But now, what we see during our own cyber-incident response

read more >

The Physical Side of Cybersecurity

At Schneider Downs, we always strive to uphold our responsibility to serve as trusted cybersecurity advisors to our clients and to the community at large.

read more >

Vulnerability Scanning versus Penetration Testing

When organizations look to assess the resiliency of their information systems, there tends to be some confusion around what exactly vulnerability scanning

read more >

case studies

 
big problem:
Ransomware attack halted a global manufacturer's operations.
big thinking:
Recover and secure the system – fast – save $1 million in ransom.
 
big problem:
High tax burden for family-owned franchisor.
big thinking:
Comprehensive planning for a 15% tax reduction.

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102