Dear Team, External Audit has asked us to fill in a form with these questions: -
Form Name:
Application/Platform: SAP Access Management
Changes are defined as a total change of process, system upgrade or conversion, or a change in the team supporting the IT SOX processes for an application. If you indicate changes to your internal control processes, the External Audit may reach out for additional details (if necessary).
1. Have there been key personnel changes since the interim period was tested by External Audit Team ?
2. Have there been any IT system changes/upgrades interim period was tested by External Audit Team ?
3. Have there been significant changes to the internal controls since the interim period was tested by External Audit Team ?
4. Have there been significant changes to the internal controls since the interim period was tested by External Audit Team ?
5. Have there been any changes above (if applicable) or other significant issues that would impact the financial results
or financial SOX controls for your application/platform?
1, 2, 3, 4 are fine. Please let me know how to
answer Question 5 from GRC Access Control Perspective or should it be rerouted to SAP FI team or Internal Audit team or to team which manages User Access Reviews.
Thanks
Raj
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.