Skip to Content
1
Jan 17, 2020 at 06:43 AM

Audit form - SAP Access Management

90 Views

Dear Team, External Audit has asked us to fill in a form with these questions: -

Form Name:

Application/Platform: SAP Access Management

Changes are defined as a total change of process, system upgrade or conversion, or a change in the team supporting the IT SOX processes for an application. If you indicate changes to your internal control processes, the External Audit may reach out for additional details (if necessary).

1. Have there been key personnel changes since the interim period was tested by External Audit Team ?

2. Have there been any IT system changes/upgrades interim period was tested by External Audit Team ?

3. Have there been significant changes to the internal controls since the interim period was tested by External Audit Team ?

4. Have there been significant changes to the internal controls since the interim period was tested by External Audit Team ?

5. Have there been any changes above (if applicable) or other significant issues that would impact the financial results
or financial SOX controls for your application/platform?

1, 2, 3, 4 are fine. Please let me know how to answer Question 5 from GRC Access Control Perspective or should it be rerouted to SAP FI team or Internal Audit team or to team which manages User Access Reviews.

Thanks

Raj