|
|
|
| SAP Security and Auditing Workshop |
|
|
| 25 – 27 April 20129:00 a.m. to 5:30 p.m.Location: Singapore |
|
| Synopsis: SAP Security and Auditing Workshop is a three-day seminar covering the following areas: |
|
 |
Day I (Wednesday 25 April 2012) – SAP BASIS & IT general controls |
|
Day II (Thursday 26 April 2012) – SAP authorizations & Segregation of Duties (SoD) |
|
Day III (Friday 27 April 2012) – SAP business process controls & configurable controls (procurement) |
|
| Participants have the option of attending the entire workshop or choose the specific topics they are interested in. The workshop is conducted in an interactive style, providing participants ample time to understand the concepts. The learning is enhanced with exercises and real-life experiences to demonstrate the relevance of the knowledge obtained from the workshop. |
|
|
|
|
|
 |
|
| SAP Security Clearing the Confusion |
|
Click here to download the slides for evening talk presented by Barun at ISACA Singapore in Mar’11 for an overview of various aspects of SAP security. |
|
|
|
| |
| The detailed agenda is as follows: |
| SAP BASIS & IT general controls |
| Participants will learn about BASIS controls in SAP and how it can be used to manage and audit IT general controls in SAP. This workshop specifically covers the following areas: |
|
SAP architecture |
|
Profile file and parameters |
|
Standard user master records |
|
Secure user administration |
|
Security auditing, table logging and transaction usage logs |
|
Segregation of environments |
|
System and client settings |
|
Change and transport system |
|
Securing tables and reports in SAP |
|
Important transactions, reports, tables and profiles |
|
SNC, transaction lock, SAPRouter, OS commands, etc |
|
| |
| SAP authorizations & Segregation of Duties (SoD) |
| Participants will gain insights on authorizations concept in SAP and how it can be used to design and audit SAP authorizations and SoD. This workshop specifically covers the following areas: |
|
Overview of SAP authorizations concept and Segregation of Duties (SoD) |
|
Authorizations concept – Authorization objects, authorizations, profiles, roles and user master records |
|
Authorization checks in SAP |
|
Disabling authorization checks |
|
Profile Generator |
|
Important transactions, reports and tables |
|
Auditing SAP authorizations |
|
SAP native tools |
|
Overview of third party tools such as SAP GRC |
|
Segregation of Duties |
|
Overview of Audit Information System (AIS) |
|
| |
| SAP business process controls & configurable controls (procurement) |
| Participants will get an overview of procurement process in SAP and gain insights on key risks in the business processes and various inherent, configurable & procedural controls available in SAP to address these risks. This also includes controls over master data. This workshop specifically covers the following areas: |
|
Overview of purchase process (i.e., purchase cycle and relevant modules) |
|
SAP organizational model for purchase process |
- Purchase organization and group
- Plant
- Storage location, warehouse, storage type and storage bin
|
|
Vendor master and material master – understanding key concepts, risks and controls |
|
SAP transaction data in purchase – understanding key concepts, risks and controls |
- Purchase requisition
- Outline agreement
- Purchase order
- Goods receipt
- Invoice receipt
- Vendor payment
|
|
Key concepts such as document types, movement types, document category, tolerance keys, etc |
|
Key controls such as release procedures, 3-way match, invoice blocking, reconciliation account, duplicate invoice check, etc |
|
Key transactions, tables and reports |
|
Overview of Audit Information System (AIS) |
|
|
| |
| Trainer |
The workshop is conducted by Barun Kumar, who is a Director with MANTRAN Consulting Pte. Ltd. And has more than 10 years of experience in SAP security. Barun was previously an Associate Director with IT Advisory practice of KPMG LLP in Singapore and has also worked as an AVP with Technology Risk Services practice of EXL Service and as Manager with IT Advisory practice of KPMG in India. Barun is an engineer, MBA, CISA, Approva Certified Professional (ACP) and ITIL v3 certified professional.
Barun has executed and managed SAP security projects in India, Singapore, South Africa, Belgium, France, Switzerland, UK and US. He has also delivered many SAP security trainings in India, Singapore, China and Indonesia.
Who should attend?
|
|
Internal auditors and IT auditors |
|
BASIS administrators |
|
SAP authorization administrators |
|
Risk and compliance managers |
|
Information security officers |
|
| |
| Fees |
| Entire workshop |
S$ 2,000 |
| Any 2 days |
S$ 1,600 |
| Any 1 day |
S$ 1,000 |
|
- Fees stated include lunch, refreshment, training materials (GST not applicable)
- 10% discount for early birds (until 29 February 2012) or existing clients
- 10% surcharge for late registrations (after 31 March 2012)
- Registration is on a first-come-first-served basis and closes on 16 April 2011.
|
| Please email us training@mantranconsulting.com for queries or registration |
| Mantran Consulting Pte. Ltd. reserves the right to cancel the seminar or amend the schedule, venue or speaker(s). Registration is on a first-come-first-served basis. We regret that we cannot give refunds, but changes in the personnel attending may be accommodated. |
|
|
|
|
|
|
|
|
|
