SAP Audit Black Book

Kogent Learning Solutions Inc.

ISBN: 9789351194088

426 pages

eBook also available for institutional users 

INR 699


This book, SAP Audit Black book, brings you a simple, to the point non-technical jargon free discussion on auditing of SAP Systems along with comprehensive real life examples based on author’s real life audits. It is one of the first SAP Audit books that cover real life internal controls and business cycles rather than plain technical discussion. Targeting intermediate and advanced-level readers.



Chapter 1: Introduction to ERP Systems

ERP Systems and their Origin

Prerequisites of an Effective ERP System

Major ERP Vendors

J. D. Edwards


Oracle Applications

Oracle Project Fusion

Microsoft Dynamics

SAP Business One


Chapter 2: ERP Risks - An Auditor’s Perspective

Basic Objectives of Auditing and ERP

Basic Challenge of ERP Systems

ERP Risks for Auditors

Lack of Audit Trial

Speed of Processing

Multiplicity of ERP Systems

Reliance on a Single Integrated Location for Data Storage

Tight Integration of Business Processes

Critical Access to ERP Systems Maintained by Non-Financial People

Lack of Proper Training of End Users

24X7 Multiple Access

Need for Knowledge of the System

Extent of Computerization


Chapter 3: Introduction to SAP

Need of SAP

Introducing SAP

History of SAP

Exploring Evolution of SAP and Various SAP Products

SAP R3 or Three-Tier Architecture of SAP System

Modular Approach of SAP System

Exploring Various SAP Modules

Discussing Versions of SAP

Introduction to SAP NetWeaver Technology

Exploring EHP - The Modern Method of Software Upgrades

Looking Forward


Chapter 4: Basic Skills Required for Auditors

Starting the SAP Server

Different Clients Available with SAP

Web G2UI


Logging into SAP

Methods for Executing Transactions in SAP

SAP Easy Access Menu


Navigation Skills

Basic Navigation Skills

Advanced Navigation Skills

Identifying the SAP Version in Use

Perform the following steps to identify the version of SAP:


Chapter 5: Enterprise Structure Elements for Auditors

What is an Enterprise Structure?

Why is Enterprise Structure needed?

Basic Building Blocks of Enterprise Structure

Financial Accounting

CO - Controlling or Management Accounting

MM - Materials Management:

SD - Sales and Distribution

Basic Concepts of Financial - FI Enterprise Structure

The Big Picture


Chapter 6: End-to-End Business Cycles for Auditors - O2C & P2P

Introduction to Business Processes

Procure to Pay - P2P - End-to-End Business Cycle

Order to Cash - O2C - End-to-End Business Cycle

Order to Cash - O2C Cycle & Procure to Pay - P2P Cycle Execution in SAP

O2C Cycle


Sales Order



P2P Cycle

Purchase Order

Goods Receipt

Displaying Vendor Balance

Outgoing Payment

Post Outgoing Payment

Down Payment Request

Post Down Payment


Chapter 7: Audit of Integration of SAP Modules

Concept of Automatic Account Assignment

FI - AA Integration

Assign G/L Accounts

FI - CO Integration

FI - MM Integration

FI - SD Integration

FI - PP Integration

Issue of Raw Material to Production Order

Production of Finished Goods

Completion of Production

Account Assignments for Receipts and Payments

Rounding Differences


Bank Charges


Exchange Rate Difference


Chapter 8: Overview of SAP Implementation Process

Please check heading level

ASAP Roadmap

Project IMG

System Landscape

Transport Requests

Solution Manager - Latest Tool for SAP Implementation


Chapter 9: Business Blueprint - Auditors Perspective

Business Blueprint

Contents of a Business Blueprint Document

SAP Blueprint Document


Company Profile

Executive Summary

System Landscape

Financials and Controlling Module

P2P - Procure to pay business cycle

O2C - Order to Cash business cycle

Product Costing

Process Mapping/Technical Settings

Global Settings

Enterprise Structure

Financial Accounting Global Settings

Global Parameters for Company Code

Fiscal Year Variant

Document Types

Posting Periods

Document Number Ranges

Posting Keys

Field Status Variants

Payment transactions

Asset Accounting


Foreign payments


Tolerance Group

Fiscal Year Default

Default Value Date

Taxes on Sales/Purchases

General Ledger Accounting

Bank Accounting

Check Management

Account Receivable and Account Payable

Account Payable and Receivable Business Transactions

Internal Orders

Distribution and Assessment cycles


 Chapter 10: Data Gathering for SAP Audit

Configuration Data

Company Code Data

Company Code Global Parameters

Company Code Business Area Postings

Controlling Area Basic Data

Retained Earnings Account

Inter Company Receivable and Payable Clearing Accounts

Fiscal Year Variants

Company Code and Fiscal Year Assignment

Posting Periods

Foreign Exchange Differences Postings

Changes to FI data

Changes to G/L Accounts

Changes to Cost Elements

Changes to Cost Center

Changes to Bank Data

Changes to Vendor Master Data

Changes to Customer Master Data


Chapter 11: SAP Audits and Automatic Configuration Controls

Control Description

Control Categorization


Chapter 12: SUIM for Auditors

Executing SUIM - User Information System

Roles Assigned to a User

Profiles Assigned to a User

Users with Access to a Particular TCode

Roles with Access to Critical TCodes

Roles Used in Composite Roles

Admin Users Who Can Create Other Users


Chapter 13: AIS - Audit Information System

History of the AIS Tool


Role-Based Menus

Roles for Using AIS

Components of AIS

Components of a Business Audit of Individual Financial Statements

Components of a Business Audit of Consolidated Financial Statements

Important Roles for Using System Audit for AIS



Chapter 14: LSMW - Legacy System Migration Workbench for Auditors

Introduction to LSMW

Need for Data Upload

Methods Available for Data Upload in SAP System



Chapter 15: SAP Reports for Auditors

Changes Made to Security Authorizations

Multiple Failed Logon Attempts in the Recent Past

Changes Made to Security Profiles

Default Passwords for Default SAP Users

Changes Made to the User’s Security

Users with Critical Authorizations

Users with Incomplete Address Data

Users with Critical Combination of Authorizations


Chapter 16: GRC - Global Risk Compliance

Introduction to GRC

Areas Covered By SAP GRC

Components of SAP GRC

Important Tools of SAP GRC from an Auditor’s Point of View


Chapter 17: Extracting Data and Dealing with Tables in SAP

SE16 - Data Browser

SE16N - General Table Display

SE12 - ABAP Dictionary

SM30 - Maintain Table Views

SM31 - Maintain Table Views - Old