Audit Services

SAP Audit Services: Even excellent SAP implementations could have security loopholes that make your data and/or processvulnerable to hacking, pilferage, sabotage, destruction etc. Given the extremely sensitive nature of business data and the necessity to follow differentiated processes, it is crucial that your systems are wholly secure. We at Novitatt offer our SAP System Audit service to help you breathe easy in this regard. As part of this service, we will:

  1. Analyze the SAP system and identify the potential security loopholes therein. Since every SAP implementation is uniquely customized for the client, it is imperative to make no assumptions while looking for loopholes. As part of our analysis, we will run through all possible business scenarios and identify those scenarios or a combination of scenarios that are vulnerable.
  2. Ensure apt segregation of duties and access controls, this could result in a more secure process flow and work distribution.
  3. Scan the Live production environment for redundant user IDs and superuser access.
  4. Study the access matrix and security profiles that are active on the development, test and production environments and ensure that they follow sound practices.
  5. Validate the Change Management processes and recommend changes, if need be. Change Management processes include testing procedures followed by developers, testers, project sponsors and business users as well as the manner in which changes are authorized and implemented.
  6. Review the initiation process for new employees accessing the system and recommend changes to them, if required.
  7. Ensure that disaster recovery procedures for data: such as database redundancy, timely backups etc. are foolproof and working as intended.
  8. Create the requisite new routines that will automatically audit data vis-a-vis a specific SAP function.
  9. Ensure that the system design allows financial auditors to perform their tasks efficiently and accurately.
  10. Validate the interfaces between the SAP system(s) and other systems such as legacy databases, third-party software etc.
  11. Harness the full power of SAP's inbuilt security/audit features while executing the tasks mentioned above.