What issues must an auditor adress with the SAP ERP environment?
Why is auditing SAP ERP different?
SAP ERP has great flexibility and breadth of functionality.
It has a different application / environment split than other ERP.
Why do you need Compliance?
There is always an information gap and a
conflict of interests between producer and
customers / between management and shareholders
Give a definition for GRC. And explain the 3 main factors.
GRC refers to a company's coordinated strategy for managing the broad issues of corporate governance, enterprise risk management and corporate compliance.
Governance: Effective as well as ethical management of a company.
Risk:effectively mitigate risks, which hindern the company to be competitive.
Compliance: External regulations for the business operations and data retention.
What are benefits of using GRC?
Higher quality information
Better capital allocation
What are challenges for audits? (4)
changing and very different regulations
Increased oversight of processes
Tighter control of manual entries
Which one is with GRC and which one without?
What does GRC stand for?