Upload
gouravladha3435
View
231
Download
0
Embed Size (px)
Citation preview
8/7/2019 SAP Risk Advisory Services
1/24
8/7/2019 SAP Risk Advisory Services
2/24
Contents
Risk & Challenges in an ERP system
History of Financial Frauds
About AGC Infotech
Our ERP Risk Advisory Services
Our Value Chain Approach
Benefits to your organization
Our Team & Credentials
Annexure
For Discussion Purposes Only 2
8/7/2019 SAP Risk Advisory Services
3/24
Risk & Challenges in an ERP system
3For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
4/24
Risk & Challenges in an ERP System
4For Discussion Purposes Only
Corporations across the world are highly concerned about the security of their EnterpriseResource Planning (ERP) systems such as SAP, from threats like fraud, intrusion, etc that affects
the integrity of their business. They require their policies and procedures to be tightened andsystem to be secured.
There are some challenges that these corporations faces in their day to day business:
We should haveconsidered SoDwhile granting
access
Does my ERP systemhas sufficient
password and useraccess security
controls
I dont know
how thevendor gotpaid twice?
ERP team isspending lot ofunproductive
time onmaintenance
Is my systemprone toaccess
intrusions?
Auditor declaredsystem controls to
be ineffective
Our ERPimplementation
team nevergave us the
controls
How do Idesign business
controls in myERP?
What is theSolution???
8/7/2019 SAP Risk Advisory Services
5/24
History of Financial Frauds
5For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
6/24
History of Financial Frauds
6For Discussion Purposes Only
Source: www. wikipedia.org
Year Company Audit Firm Type of Fraud
2010 Lehman Brothers Ernst & YoungFailure to disclose Repo
105 transactions to investors
2009Satyam Computer
ServicesPWC Falsified accounts
2004 AIG PWC Accounting of structured financialdeals
2002 WorldCom Arthur Andersen Overstated cash flows
2002 Kmart PWC Misleading accounting practices
2001 Enron Arthur Andersen Corporate fraud and corruption
2000 Xerox KPMG Falsifying financial results
8/7/2019 SAP Risk Advisory Services
7/24
Indias Fraud Survey 2010
7For Discussion Purposes Only
Source: KPMG
8/7/2019 SAP Risk Advisory Services
8/24
2009 CSI Computer Crime Survey
8For Discussion Purposes Only
Per the 2009 CSI Computer Crime and Security Survey, change of greatest concern is thatfinancial fraud increased from only 12 percent of respondents to 19.5 percent of respondents. This
is reason for concern because financial fraud consistently causes victim organizations hugelossesalmost $450,000 per victim organization this year
8/7/2019 SAP Risk Advisory Services
9/24
About AGC Infotech
9For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
10/24
About AGC Infotech
10For Discussion Purposes Only
Our Company profile
We would like to introduce our self as a leading SAP and HR service provider offering a widesuite of specialist services to our clients ranging from specialist staffing, risk advisory, corporatetraining, consulting to outsourcing.
AGC INFOTECH offers a wide range of professional SAP risk advisory, consulting, developmentand training propositions at reasonable costs. We provide value added service to our clients inthe most cost-effective manner.
Our Services SAP Risk Advisory
SAP Consulting and project support
Corporate training
Manpower solutions
Outsourcing
Benefits of Working with Us:
Services similar to the Big4 audit firms, but at a price that fits your budget
Team from Big4 background bringing best practices
High quality deliverables and reports
Committed team available locally for year-round support
8/7/2019 SAP Risk Advisory Services
11/24
Our ERP Risk Advisory Services
11For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
12/24
Our ERP Risk Advisory Services
12For Discussion Purposes Only
Business Blueprint Review
Identify and suggest controls aspart of BBP
Benchmark TO-BE process toLeading practices
Pre Go-Live ReadinessAssessment
A quick check of the status ofcritical master data,organizational elements,configurable controls, processintegrations, system and usersecurity before Go-Live
Verify if suggested controls aredesigned and implemented
Quick Scan Review
A quick check to identify andfix High Risk issues
SAP Business ControlsReview
A detailed review of keybusiness processes havingfinancial implication
SAP Security ControlsReview
A detailed review of Basissecurity, access to criticaltransactions and Segregation
of duties
Audit Work ProgramDocumentation
Preparation of detailed workprogram that will enable theInternal Audit team to conductrigorous audit of the SAP system
SAP Core team training
Preparing the SAP Core teamfor supporting the SAP ECCsystem
SAP End-user training
Preparing the SAP End-userteam for working on the SAPECC system
Auditing an ERP systemtraining
Preparing the Internal auditteam for sustainable audit ofthe SAP ECC system
Fundamentals of ERP systemtraining
Preparing the organization foran upcoming implementationof the SAP ECC system
Before Go-live After Go-Live Corporate Training
8/7/2019 SAP Risk Advisory Services
13/24
Our Value Chain Approach
13For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
14/24
Our Value Chain Approach
14For Discussion Purposes Only
Understandbusinessprocess
Identifypotential
risks
Developcontrol
framework
Documentaudit
programConducttest of
controls
Reportgaps &suggest
solutions
TrainInternal
Audit team
FinancialAccounting
MaterialsManagement
Sales &Distribution
Basis Security &
UserAdministration
8/7/2019 SAP Risk Advisory Services
15/24
Benefits to your Organization
15For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
16/24
Benefits to your organization
Few of the benefits that your organization will derive from your SAP system, after our services:
16For Discussion Purposes Only
Secured ERP
system
Leadingpractices
Compliance
support
Maximizing
configurable
controls
Sustainability
Secured and robust SAP environment from both internal andexternal threats such as unauthorized usage, fraud, intrusion, etc
Leveraging the available automated controls using the existing SAP
configuration and reducing the manual efforts
Controls ready SAP system to meet any existing or upcomingstatutory compliance requirement
Benchmarking your SAP system to the leading industry controlpractices to optimize your ROI
Preparing the management / Internal audit team to conductrepeatable and sustainable audit of SAP system using the step-by-step defined audit program documentation
8/7/2019 SAP Risk Advisory Services
17/24
Our Team & Credentials
17For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
18/24
Team Profile
We have a team of dedicated and highly qualified SAP professionals who have
worked on ERP and IT Risk Advisory projects across 8 countries, including US and UK.
Our team comprises of Certified SAP professionals, CA, MBA and Engineers with
extensive experience in rendering SAP advisory services.
Along with SAP ECC system, our team has hand-on experiences working on tools
such as SAP GRC Access Controls and Approva Bizright Access Controls.
Our Service capabilities:
SAP Business Process Controls Audit
SAP Security and Segregation of Duties Controls Audit
ERP Audit Project Management
Sarbanes Oxley (SOX) Compliance Assistance
ERP Product and Vendor Selection
ERP Audit Tools Development
ERP Trainings
18For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
19/24
Team Credentials
19
Industry Clients
Diversified Business Essar Group, India
Beverages Diageo Plc, UK; Dr Pepper Snapple Group Inc., USA
InsuranceChartis (AIG) UAE, Hong Kong, Malaysia, Indonesia, Thailand, Philippines,Vietnam, Taiwan
IT ServicesVOLT Information Sciences Inc., USA; Covansys Corp. Inc., USA; InfosysTechnologies, India
Energy Centrica Plc, UK; Enercon India Ltd; ONGC Ltd., India
FMCG and Consumer Goods ITC Ltd, India Philips India Ltd.
Retail Pantaloon Retail India Ltd.; Welspun India Ltd.
Engineering and Electrical
Equipment Larsen & Toubro Ltd., India; Havells India Ltd.; Bharat Bijlee Ltd., India
Telecommunication VSNL Ltd., India
Pharmaceutical Duane Reade Inc, USA; Glenmark Pharmaceutical Ltd., India
Metals and Minerals ISPAT Industries Ltd., India; BALCO Ltd., India
For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
20/24
Annexure
20For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
21/24
Sample Deliverables - Dashboard
21For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
22/24
Sample Deliverables - Deliverables
22For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
23/24
Sample Deliverables - Report
23For Discussion Purposes Only
8/7/2019 SAP Risk Advisory Services
24/24
End of Presentation. Thanks.
24For Discussion Purposes Only
For enquires and more please contact:
Manish Chauhan
Director, AGC Infotech
Mobile #: +91-909-998-796-6
Office #: +91-79-40044661/62/64/65
Website: www.agcinfotech.co.in
Email: [email protected]
Gourav Ladha
Director, ERP Risk Advisory
Mobile #: +91-971-295-295-5
Office #: +91-79-40044661/62/64/65
Website: www.agcinfotech.co.in
Email: [email protected]