Use the CSI SAP Audit expertise!

Auditing / Review SAP authorizations: our auditing services range from very detailed audits (including detailed lists of who can do what, detailed and understandable risk descriptions, conceptual and procedural findings, relevant recommendations, Sarbanes-Oxley internal control impact) to quick scans (including even 1 day reviews on site with a bullet point remarks list at the end of the day). Our consultants have a leading knowledge about authorizations in the newest SAP releases (up to mySAP ERP 2005) based on the SAP NetWeaver platform and in the mySAP Business Suite applications (CRM, SRM,…)

Sarbanes-Oxley compliance reviews: This service focuses on analyzing the authorization weaknesses and defining other controls to counter the weaknesses that cannot be solved. Our approach is based on the COSO and COBIT model.

Auditing the technical infrastructure of SAP: One security aspect is to ensure that no backdoors can be used to intrude on or interfere with the functioning of a business-critical system like an SAP enterprise software application.  CSI performs audits on the security of the IT infrastructure underneath the SAP environment. This service can range from a high-level review of the network topology to a detailed inspection where all SAP-relevant network components (like firewalls, routers and operating system settings) are considered.

Reviewing the change management procedures in and around SAP: in order to ensure the continuity and integrity of an SAP enterprise software application that supports your business processes, adequate change management needs to be in place. CSI can audit the change management process in your company by reviewing the organization, procedures and implementation of this process.