Most large and medium enterprises run more than 80% of their business processes on ERP systems like SAP, Oracle and Microsoft Dynamics. Hence it is important that the ERP systems are adequately secured and routinely monitored.
Our approach for design of internal controls aims to achieve a balance between effective controls and efficient business processes.
- Design of internal controls does not keep pace with growth in business
- Complex IT environment that requires specialized knowledge to ensure that it is secure
- Not much thought around risk and internal controls during ERP implementation
- Highly customized ERP environment
- Heightened focus on corporate governance and transparency
- Not enough consideration on controls around ERP
- Too many controls, hindering business process
- More reliance on manual controls
How we can help
- Audit of ERP security and data privacy
- Review business process and identify gaps in controls and unmitigated risks
- Perform test of design and operational effectiveness of controls and assess them
- Identify areas of redundant controls
- Recommend controls that can be automated to increase reliability and efficiency and thereby reducing cost of compliance
- Review user access, change management, database security and network security
- Identify and resolve segregation of duty conflicts
- Perform period testing to monitor effectiveness of controls and reduce costs of achieving compliance
- SAP/Oracle Controls Audit ?
- ERP Access Review?
- ERP Infrastructure security assessment
- Process controls optimization?