By attending this course, attendees will acquire the knowledge and skills to progress beyond the basic auditing employed by many auditors for SOX purposes, and become competent at an advanced auditing level to identify more in-depth operational and strategic risks. This three-day course will provide participants with an in-depth understanding of SAP® Basis and security assessment techniques necessary for performing a deep-dive technical audit. You will learn the advanced risks and control opportunities that should be considered in a thorough audit of the SAP Basis system, including considerations when using SAP GRC.
On completion of this course, attendees will be able to develop an effective SAP technical audit plan and prioritize key steps, discuss techniques for controlling both dialog and non-dialog user security, assess the appropriateness of SAP Basis configuration settings, recommend procedures for controlling customizations, analyze SAP Basis and security-related tables and describe effective research techniques related to advanced SAP technical issues. Attendees will explore changes introduced by SAP S/4HANA, specifically related to the implications of HANA and Fiori on the SAP security model. Participants will get a chance to explore newer issues around SAP cybersecurity, and see demonstrations of techniques used for hacking SAP. Participants will advance their knowledge through hands-on access to an SAP system, and get a chance to perform a mini security audit.