on 10-04-2012 9:37 PM
Hello Colleagues,
I am looking for documentation to support the integration or output of Audit Information System (AIS) with NW Audit Management. There are two possible uses:
If anyone has shared experience I would appreciate your posting or contact me directly at wnewman@newportconsgroup.com.
Many thanks!
Bill
Hi William,
We are required to implement Audit Management Process (external and internal), and we're not going to use the Internal Audit Management (IAM) add-on tool in our GRC 10.1 system.
As I understand, Audit Planning and Follow Up can be done in IAM tool. Rest of the processes viz. Preparation, Execution and Reporting are within Netweaver Audit Management (NAM) itself.
As such, could you please provide me with any documentation on how NAM covers the audit processes?
Thank you,
Sagar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Delorso,
Thank you for the post. There are indeed several different functions inside SAP that can address audit needs. Some talk to each other, others don't. Here is what I have found.
Just so you know none of these systems actually integrate together out of the box. We are looking at options to pull audit planning information from SAP HR-OM automatically through the use of a BADI routine to pre-populate certain key audit fields in "NAM" when the audit program is begin developed. But otherwise "IAM" and "AIS" are stand-alone environments. Theoretically you can build in triggers and routines to automate the risk events in "NAM" based on system events in AIS or "IAM", but that is really a "state of nirvana." I haven't heard of anyone ever investing the funding and time to get to that end state.
Hopefully this helps. DM me if you need more information or if you would like to set up an initial consultation on the topic.
Regards,
Bill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi William,
I have always trying to figure out how AIS and Audit Management (NAM) could have some kind of integration.
The audit execution work such as audit sampling of transaction schedules/reports upon which audit perform tests such as verifying authenticity of user authorisations, limitation tests for the user in terms of amounts time frame and so on is carried out with the AIS tool.
When it comes to documenting the audit findings these are done in the reports in Audit Management. Moreover even the Audit plans, the audit questions and risk rating of audits is carried out in Audit Management. Can't they surely be some integration between the two functionalities SAP can come up.
And with the improved SAP GRC suite which is now including Fraud Management and Audit Management under the assurance & compliance software the audit management has really been enhanced and made more useful for auditors but again not integration with AIS.
It is a challenge (from practical experience) with clients who activate AIS but find that the audit office tasks are housed independently under in the Cross Application component for SAP ERP ECC 6.0 as Audit Management. In fact 3 clients I worked on opted to go for TeamMate Audit Software after noting this separation.
I have implemented Netweaver Audit Management and done AIS activation on a number of clients; am yet to have a practical experience on the new GRC Audit Management which is integrated with Fraud Management and Risk Management. What advice can give me on how different it is on configuration?
We are slugging through this via a training IDES environment and - happy to report - most of these questions have been answered. Message me if you find yourself working with Audit Management and will be happy to share.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi William, you know im very glad i found your post.
You know im trying to get a better understanding of this SAP Audit tools and first of all, i was wondering how this three components work together or what is the integration point between them, if there is any.
- GRC Internal Audit Management (IAM)
- Netweaver Audit Management (NAM)
- Audit Information System (AIS)
Thanks very much
User | Count |
---|---|
94 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.