Lernkarten
What issues must an auditor adress with the SAP ERP environment?
General IT Controls may not be enough
Can all accounts be audited substantively
Is the transaction monitoring authentic
Are the inherent risks managable?
Why is auditing SAP ERP different?
SAP ERP has great flexibility and breadth of functionality.
It has a different application / environment split than other ERP.
Why do you need Compliance?
There is always an information gap and a
conflict of interests between producer and
customers / between management and shareholders
Give a definition for GRC. And explain the 3 main factors.
GRC refers to a company's coordinated strategy for managing the broad issues of corporate governance, enterprise risk management and corporate compliance.
Governance: Effective as well as ethical management of a company.
Risk:effectively mitigate risks, which hindern the company to be competitive.
Compliance: External regulations for the business operations and data retention.
What are benefits of using GRC?
Higher quality information
Process optimization
Better capital allocation
Improved effectiveness
Protected reputation
Reduced Cost
What are challenges for audits? (4)
changing and very different regulations
Big data
Increased oversight of processes
Tighter control of manual entries
Which one is with GRC and which one without?
Left with GRC and right without GRC
Left without GRC and right with GRC
What does GRC stand for?
Governance
Compliance
Risk Management
