Post on 19-Jan-2015
description
Compliance Designed WellAuditBot
AuditBot Overview• AuditBot provides…• expertise in intelligently identifying and responding to risks that impact SAP
System.
• So that…• organizations can automatically identify, manage and prevent Risks that result
in…– … user having excessive Access– … poor SAP security design– … risk due to security vulnerability– … costly audit findings
• We do this by providing…• a SAP Audit software solution that delivers precise, actionable and auditable
intelligence of control breakdowns across systems, processes and transactions
Automate Compliance
Improve Operations
Reduce Risk & Fraud
What can AuditBot do for you
• Automatically monitors key control points across the organization.
• Identifies, monitors, alerts, tracks control breakdowns.
• Pushes ownership & accountability of controls out to the organization.
• Provides independent layer of quality assurance.
• Ensures data integrity and quality SAP Systems.
Custom object analysis
Monitor 100% of transactions
Fully Automated
4
CFO / Finance
Internal Audit
CIO/IT
Compliance/ Risk
When developing a AuditBot business case it is important to understand what metrics will be used in the final evaluation.
• Reduced risk of adverse audit findings & fraud
• Increased business efficiency
• Improved internal auditor utilization
• Reduced testing time for routine controls
• Reduced IT cost of ownership
• Reduced external consulting fees
• Business benefits of compliance investments
• Reduced time and cost for monitoring controls
ROI from different team perspective
AuditBot will strengthen your
controls and provide better
business visibility.
13
”“
CHALLENGES
• As part of SAP Implementation project, company wanted to reduce segregation of duties (SoD) and sensitive access risks access.
• They want to keep track of their SAP Security posture and monitor regularly
• Manual process to monitor transaction and inactive users
• Clearly documented automated SoD, sensitive access controls, logs monitoring and custom object analysis
• Automation of tracking and alerting functional owner about the access
• Report easily run by Internal Auditor without support from IT, enables the IA validate compliance with company policies
RESULTS
Typical SAP System, with 2000 Users
14
• “Now we have all the sensitive transactions tracked and automated the user locking procedure”
• “Custom objects are now tracked and the Security posture intact”
Reduced Risk
Greater Assurance
Improved Productivity
• “There are no more audit surprises anymore. We have had no audit findings related to SOD or sensitive access since we implemented AuditBot.”
• “Now the sensitive access is tracked and user access data can analyzed quickly from one location.”
• “Now the internal audit team can track the security vulnerabilities and prevent any audit violations.”
RESULTS
15
• “All the audit programs are written in ABAP Program”
• “All the audit logs are gathered and recorded into custom table for unlimited use
ABAP Based
No New Hardware
Quick Implementation
• “Solution can be deployed in SAP System on the exiting hardware.”
• Existing company resource can support the product
• “Solution can be implement Quickly some time even within one day.”
• “Training the internal audit team is quick as the report are one click execution.”
Architecture