Overview
- Spans all aspects of GRC systems from legislation to concept to content to automation
- Shows how to implement a GRC system in the SAP environment
- Uniquely combines theoretical and practical issues
- Author has more than 10 years experience with SAP GRC in Germany, Switzerland, and the US
- Includes supplementary material: sn.pub/extras
Access this book
Tax calculation will be finalised at checkout
Other ways to access
Table of contents (18 chapters)
-
Front Matter
-
From Legislation to Concept: ICS and Compliance in the ERP Environment
-
Front Matter
-
-
From Concept to Content: Audit Guide for SAP ERP
-
Front Matter
-
-
From Concept and Content to Implementation: Automation of an Internal Control System
-
Front Matter
-
Keywords
About this book
Over the last few years, financial statement scandals, cases of fraud and corruption, data protection violations, and other legal violations have led to numerous liability cases, damages claims, and losses of reputation. As a reaction to these developments, several regulations have been issued: Corporate Governance, the Sarbanes-Oxley Act, IFRS, Basel II and III, Solvency II and BilMoG, to name just a few. In this book, compliance is understood as the process, mapped not only in an internal control system, that is intended to guarantee conformity with legal requirements but also with internal policies and enterprise objectives (in particular, efficiency and profitability).
The current literature primarily confines itself to mapping controls in SAP ERP and auditing SAP systems. Maxim Chuprunov not only addresses this subject but extends the aim of internal controls from legal compliance to include efficiency and profitability and then well beyond, because a basic understanding of the processes involved in IT-supported compliance management processes are not delivered along with the software. Starting with the requirements for compliance (Part I), he not only answers compliance-relevant questions in the form of an audit guide for an SAP ERP system and in the form of risks and control descriptions (Part II), but also shows how to automate the compliance management process based on SAP GRC (Part III). He thus addresses the current need for solutions for implementing an integrated GRC system in an organization, especially focusing on the continuous control monitoring topics.
Maxim Chuprunov mainly targets compliance experts, auditors, SAP project managers and consultants responsible for GRC products as readers for his book. They will find indispensable information for their daily work from the first to the last page. In addition, MBA, management information system students as well as senior managers like CIOs and CFOs will find a wealth of valuable information on compliance in the SAP ERP environment, on GRC in general and its implementation in particular.
Authors and Affiliations
About the author
Maxim Chuprunov is CEO of Riscomp GmbH – a consultancy focusing on the automation of GRC management processes. Prior to this, he worked for KPMG, Schenker AG, and SAP AG. During his career, he has continuously been involved in auditing of SAP applications, data analysis, designing Internal Control Systems, and with the implementation of SAP ERP systems as well as the SAP solutions for GRC. In this book, he has applied his extensive knowledge of both underlying legislation and legal standards and the technical options for implementation.
Bibliographic Information
Book Title: Auditing and GRC Automation in SAP
Authors: Maxim Chuprunov
DOI: https://doi.org/10.1007/978-3-642-35302-4
Publisher: Springer Berlin, Heidelberg
eBook Packages: Computer Science, Computer Science (R0)
Copyright Information: Springer-Verlag Berlin Heidelberg 2013
Hardcover ISBN: 978-3-642-35301-7Published: 19 April 2013
Softcover ISBN: 978-3-642-43452-5Published: 15 May 2015
eBook ISBN: 978-3-642-35302-4Published: 09 April 2013
Edition Number: 1
Number of Pages: XXXII, 525
Topics: Computer Appl. in Administrative Data Processing, Accounting/Auditing, Legal Aspects of Computing, Management of Computing and Information Systems, Business IT Infrastructure, Business Information Systems