Compliance with regulations like Sarbanes-Oxley (SOX) often require a set of controls in place to mitigate risks to the integrity of financial reporting. Current ITGC testing performed by internal and external auditors is only focused on one slice of access risk. Different entry points into SAP systems are overlooked and present a higher level of risks that are currently not even assessed. How would you and your organization respond if presented with a scenario where you could 'ace' your ITGC audit and still be completely exposed?
In this session participants will:
- Be provided a snapshot of the current ITGC testing approaches commonly applied by auditors
- Learn the shortcomings of these approaches
- Understand the threats that exist to your SAP beyond the current ITGC scope and how they relate to compliance (specifically Sarbanes-Oxley)
- See how you can mitigate these risks BEFORE your internal and external audit