SAP SOX Compliance
What Is SOX Compliance?
The Sarbanes-Oxley Act (SOX) of 2002 requires financial transparency by U.S. public companies, ensuring their data is secure and accurate. Drafted by Congressmen Paul Sarbanes and Michael Oxley following several U.S. corporate and financial scandals, SOX compliance means having a formalized system for internal controls — one that provides full financial transparency.
In a blog post, the criticality of SAP governance, risk management, and compliance (GRC) for SOX compliance is explored. The author points out that two sections (Section 302 and Section 404) are the most important and relevant for SAP GRC and finance users.
What Is SOX Compliance?
The Sarbanes-Oxley Act (SOX) of 2002 requires financial transparency by U.S. public companies, ensuring their data is secure and accurate. Drafted by Congressmen Paul Sarbanes and Michael Oxley following several U.S. corporate and financial scandals, SOX compliance means having a formalized system for internal controls — one that provides full financial transparency.
In a blog post, the criticality of SAP governance, risk management, and compliance (GRC) for SOX compliance is explored. The author points out that two sections (Section 302 and Section 404) are the most important and relevant for SAP GRC and finance users.
An SAP SOX compliance checklist should address the following:
- Segregation of duties
- SAP GRC monitoring
- Safeguard SOX audit trails against emergency access
- Automate SAP audit reporting
Further Resources for SAPinsiders
Accounting & Finance Expands Its Influence. In this article, learn how UGI Utilities developed a strategic roadmap to better anticipate internal and external demands on the business — including regulations such as SOX. The utility shares how using BlackLine and its task functionality provides intuitive controls for SOX compliance.
Beyond SOX: Addressing non-financial risks through SAP configuration and sound supporting processes. Often, compliance is a focal point during SAP implementation to ensure compliance with financial reporting and regulations, such as SOX. However, there are optional SAP controls that could provide even more value to companies’ SAP system and supporting processes. In this session, Steve Biskie from RSM shares how to minimize and mitigate operational and strategic risks through SAP configuration. Understand who in the organization should be involved in recommending and validating control changes, and how to set up an appropriate cross-functional team to ensure decisions are sound and don’t introduce other risks.
Bridging the Cybersecurity Gap in IT General Controls (ITGC). Compliance with regulations like SOX often require a set of controls in place to mitigate risks to the integrity of financial reporting. Current ITGC testing performed by internal and external auditors is only focused on one slice of access risk. In this session, Brian Tremblay from Onapsis shares why it’s critical to understand the threats that exist to your SAP system beyond the current ITGC scope and how they relate to compliance with SOX.
A vendor that can help SAP customers with SOX compliance is Appsian Security. The provider offers a single platform for automating how users secure user identity, govern access, detect and prevent fraud, and demonstrate compliance with SOX, the General Data Protection Regulation, and more across critical business applications.
969 results
-
Live from SAPinsider Studio: HR as a Leader in the Digital World
Yvette Cameron and Mark Brandau of SAP SuccessFactors , keynote presenters at the SAPinsider HR 2017 event, join SAPinsider’s Ken Murphy after the keynote presentation to discuss the evolving role of HR in a digital enterprise. Below is a lightly edited transcript of the discussion. Ken Murphy, SAPinsider: Hi this is Ken Murphy with SAPinsider,…
-
Optimizing BI Administration in SAP Environments: Q&A on How to Properly Maintain and Secure Complex, Shared Landscapes
Business intelligence (BI) is the lifeblood of data-driven organizations, enabling you to turn the data in your SAP systems into actionable information that drives better decision making, uncovers opportunity, and improves efficiency. The modern BI landscape is an increasingly complex one, however, with trends such as big data, the cloud, and the Internet of Things…
-
Make Sense of the CO Cost Settlement Process: Live Q&A on Navigating Cost Settlement in SAP Systems
Cost settlement plays a critical role in business operations in SAP environments. It determines whether orders – such as production orders, sales orders, and internal orders – are settled in full as part of period-end processing. This process, which takes place in the controlling (CO) component of the SAP system, can appear to be highly…
-
How SAP Fiori Impacts SAP HR Functionality: Q&A with Jeremy Masters on the Roadmap for HR Renewal and SAP SuccessFactors
SAP Fiori is an SAP UI5 platform to make the user experience more modern and consumer-grade. What is the user experience roadmap around new HR functionality for HR Renewal and SAP Fiori applications? How does it fit within SAP’s overall cloud strategy with SAP SuccessFactors? HR 2017 speaker Jeremy Masters, Managing Partner at Worklogix, answered…
-
Cybersecurity Considerations for SAP Mobile Applications
Panelist: Juan Perez-Etchegoyen, Onapsis Date: Thursday, October 12 Kendall Hatch Hello, and welcome to today’s live Q&A on security considerations for SAP mobile applications. I’m Kendall Hatch, Conference Producer for SAPinsider, and I’m excited to introduce today’s panelist, Juan Perez-Etchegoyen, CTO at Onapsis. Juan is also a speaker at the upcoming SAPinsider Cybersecurity for SAP Customers conference…
-
Pull up a Chair at SAPinsider Studio
With 175 sessions, 84 speakers, and 200 hours of education, it is safe to say that the February, 2016, SAPinsider’s BI, HANA, and IoT 2016 events in Las Vegas delivered some compelling content for professionals who use and support SAP BusinessObjects BI, SAP BW, and analytics solutions. For the roughly 1,000 attendees representing more than…
-
Businesses Need to Do Three Things in 2018: SAPPHIRE NOW Makes It Happen
In my world, it’s not too early to start thinking about SAPPHIRE NOW in 2018, which I’ll cover onsite this year June 5-7 in Orlando, Florida. One of my first steps was to catch up with Chakib Bouhdary, Global Digital Transformation Officer at SAP. Bouhdary is a busy guy, traveling worldwide to talk with SAP customers…
-
SAP Fiori Application Development in the Cloud
Gain a comprehensive understanding of the new ways in which SAP Fiori applications can be built using SAP Web IDE on SAP HANA Cloud Platform, as well as how to create mobile versions of these applications for other devices using SAP Mobile Secure. This step-by-step walkthrough also includes information about free trials and demos available…
-
Catalyzing the Cloud Transition: What It Means for You
In mid-2019, SAPinsider reported that while the vast majority of the SAP community is somewhere along the journey of transitioning its enterprise resource planning to the cloud, many companies are still at an early stage. However, recent moves at SAP signal a strong interest in catalyzing that transition and, in turn, it has some SAP…
-
How Executives Are Building the Technology Landscapes That Power Business Transformation
The July Technology Executive Forum virtual meeting explored how companies are building technology landscapes that support business transformation. The agenda included a summary of SAPinsider’s latest research, which tells us that companies are accelerating their plans to move to SAP S/4HANA and the cloud. Vitesco’s CIO Thomas Buck spoke during the opening keynote session about…
Related Vendors
Your request has been successfully sent