Auditing SAP S/4HANA

Performing or preparing for an SAP S/4HANA audit? This is the comprehensive guide you need! Understand what goes into an audit, from the objectives and timing to the reporting process. Prepare an audit roadmap for the system as a whole, and drill down into specific domains: financials, order-to-cash, purchase-to-pay, and forecast-to-stock. Expert tips and tricks will have you prepared for your audit—whether you’re the auditor or the auditee. Highlights: Implementation and upgrades Internal controls Basis settings Security Financial reporting Order-to-cash Purchase-to-pay Forecast-to stock Tips and tricks Documentation

... Why This Book Is Important ... 17 ... The Structure of This Book ... 20 ... How to Use This Book ... 21 ... Disclaimer ... 25 ... International Issues ... 26 ... Acknowledgments ... 27 ... Parting Note to the Readers of This Book ... 28 1.1 ... How SAP S/4HANA Differs from Other ERP Systems ... 30 1.2 ... Terminology ... 35 1.3 ... Planning the Audit and System Assessment ... 42 1.4 ... Recent Updates to SAP Control-Related Functionality ... 46 1.5 ... Major Differences Between SAP S/4HANA and SAP ERP ... 48 1.6 ... Collecting and Documenting Evidence for Audit Workpapers ... 52 1.7 ... Useful Resources ... 55 1.8 ... Summary ... 56 2.1 ... Audit Overview ... 58 2.2 ... Types of Auditors ... 60 2.3 ... Categories of Audit Objectives ... 65 2.4 ... Auditing Principles and Considerations ... 67 2.5 ... Understanding the Audit ... 72 2.6 ... Audit Reporting ... 83 2.7 ... Rules of Engagement ... 86 2.8 ... Common Problems and Solutions ... 88 2.9 ... Emerging Audit Technologies ... 95 2.10 ... Summary ... 98 3.1 ... Timing for the Audit ... 99 3.2 ... The Building Blocks of an SAP S/4HANA Audit ... 102 3.3 ... SAP S/4HANA Internal Control Maturity Model ... 117 3.4 ... The Start of the Audit ... 120 3.5 ... Summary ... 126 4.1 ... What Is a Control-Conscious Implementation? ... 127 4.2 ... Reasons for Designing Internal Controls During an Implementation ... 131 4.3 ... Creating a Control-Conscious Integrated Implementation Team ... 139 4.4 ... Designing Effective Controls ... 150 4.5 ... Common SAP S/4HANA Audit-Related Implementation Issues ... 158 4.6 ... Control Considerations by Implementation Phase ... 162 4.7 ... Auditing the SAP S/4HANA Implementation or Upgrade ... 171 4.8 ... Summary ... 173 5.1 ... IT General Controls ... 175 5.2 ... Basis Settings and Transport Considerations ... 186 5.3 ... SAP User Security ... 208 5.4 ... SAP Fiori Security ... 220 5.5 ... SAP HANA Database and Platform Security ... 225 5.6 ... Special Considerations for SAP S/4HANA Cloud ... 229 5.7 ... Cybersecurity ... 242 5.8 ... Summary ... 243 6.1 ... Record-to-Report Cycle in SAP S/4HANA ... 246 6.2 ... Risks ... 248 6.3 ... Understanding the Enterprise Structure ... 250 6.4 ... Key Concepts ... 253 6.5 ... Master Data ... 255 6.6 ... Security Considerations ... 258 6.7 ... Understanding and Testing Common Controls ... 263 6.8 ... Additional Procedures and Considerations ... 291 6.9 ... Useful Audit-Relevant Report Highlights ... 292 6.10 ... Summary ... 296 7.1 ... Order-to-Cash Cycle in SAP S/4HANA ... 300 7.2 ... Risks ... 302 7.3 ... Understanding the Enterprise Structure ... 304 7.4 ... Key Concepts ... 307 7.5 ... Master Data ... 307 7.6 ... Security Considerations ... 316 7.7 ... Understanding and Testing Common Controls ... 322 7.8 ... Additional Procedures and Considerations ... 344 7.9 ... Useful Audit-Relevant Report Highlights ... 348 7.10 ... Summary ... 353 8.1 ... Purchase-to-Pay Cycle in SAP S/4HANA ... 356 8.2 ... Risks ... 357 8.3 ... Understanding the Enterprise Structure ... 360 8.4 ... Key Concepts ... 362 8.5 ... Master Data ... 363 8.6 ... Security Considerations ... 374 8.7 ... Understanding and Testing Common Controls ... 380 8.8 ... Additional Procedures and Considerations ... 401 8.9 ... Useful Audit-Relevant Report Highlights ... 404 8.10 ... Summary ... 409 9.1 ... Forecast-to-Stock Cycle in SAP S/4HANA ... 412 9.2 ... Risks ... 413 9.3 ... Understanding the Enterprise Structure ... 416 9.4 ... Key Concepts ... 417 9.5 ... Master Data ... 421 9.6 ... Security Considerations ... 425 9.7 ... Understanding and Testing Common Controls ... 427 9.8 ... Useful Audit-Relevant Report Highlights ... 433 9.9 ... Summary ... 441 10.1 ... The Audit Information System ... 443 10.2 ... Data Analysis Techniques for Uncovering Audit and Compliance Issues ... 448 10.3 ... SAP Governance, Risk, and Compliance Solutions ... 459 10.4 ... Continuous Auditing, Monitoring, and Risk Assessment ... 460 10.5 ... Robotic Process Automation ... 461 10.6 ... Summary ... 466 11.1 ... Overview ... 468 11.2 ... Pre-Planning ... 469 11.3 ... Documentation: Preparing an Audit Information Repository ... 471 11.4 ... Systems: Preparing for the Auditor ... 487 11.5 ... Employees: Preparing Your Team ... 490 11.6 ... Summary ... 492