SAP SOX Compliance


What Is SOX Compliance?

The Sarbanes-Oxley Act (SOX) of 2002 requires financial transparency by U.S. public companies, ensuring their data is secure and accurate. Drafted by Congressmen Paul Sarbanes and Michael Oxley following several U.S. corporate and financial scandals, SOX compliance means having a formalized system for internal controls — one that provides full financial transparency.

A blog post explores how critical SAP governance, risk management, and compliance (GRC) is to SOX compliance. The author points out that two sections (Section 302 and Section 404) are the most important and relevant for SAP GRC and finance users.

An SAP SOX compliance checklist should address the following:

  • Segregation of duties
  • SAP GRC monitoring
  • Safeguard SOX audit trails against emergency access
  • Automate SAP audit reporting

Further Resources for SAPinsiders

Accounting & Finance Expands Its Influence. In this article, learn how UGI Utilities developed a strategic roadmap to better anticipate internal and external demands on the business — including regulations such as SOX. The utility shares how using BlackLine and its task functionality provides intuitive controls for SOX compliance.

Beyond SOX: Addressing non-financial risks through SAP configuration and sound supporting processes. Compliance is often a focal point during SAP implementation, to ensure that financial reporting requirements and regulations such as SOX are met. However, there are optional SAP controls that could provide even more value to a company’s SAP system and supporting processes. In this session, Steve Biskie from RSM shares how to minimize and mitigate operational and strategic risks through SAP configuration. Understand who in the organization should be involved in recommending and validating control changes, and how to set up an appropriate cross-functional team to ensure decisions are sound and don’t introduce other risks.

Bridging the Cybersecurity Gap in IT General Controls (ITGC). Compliance with regulations like SOX often requires a set of controls to be in place to mitigate risks to the integrity of financial reporting. Current ITGC testing performed by internal and external auditors is only focused on one slice of access risk. In this session, Brian Tremblay from Onapsis shares why it’s critical to understand the threats that exist to your SAP system beyond the current ITGC scope and how they relate to compliance with SOX.

A vendor that can help SAP customers with SOX compliance is Appsian Security. The provider offers a single platform for automating how users secure user identity, govern access, detect and prevent fraud, and demonstrate compliance with SOX, the General Data Protection Regulation, and more across critical business applications.  

969 results

  1. Supply Chain Info Center Operational Analytics Application for SAP APO

    Published: 24/March/2014

    Reading time: 14 mins

    Learn about the Supply Chain Info Center, a new operational analytics application for SAP Advanced Planning and Optimization (APO) based on HANA Live. Understand the concept of operational analytics and HANA Live technology and see how to set up the Supply Chain Info Center application. Key Concept The Supply Chain Info Center is an add-on…

  2. Outsourcing Operations? How to Design an Undisrupted Supply Plan in SAP APO

    Published: 20/October/2014

    Reading time: 35 mins

    See how a manufacturing company created a new third-party logistics (3PL) code to represent a third-party logistics service provider. By incorporating 3PL into supply chain planning, the manufacturing company could plan against changing demand and supply position at 3PL and replenish the 3PL site to achieve the desired customer service level. Key Concept A purchase…

  3. Learn How to Configure the Quick View Panel in the Search Lane and Workforce Viewer of HR Renewal 1.0 Feature Pack 4

    Published: 10/April/2015

    Reading time: 21 mins

    Learn how to configure standard and custom infotype field information in the Workforce Viewer and quick view panel of the search lane functionalities of HR Renewal 1.0. Key Concept The Workforce Viewer is one of the new features released with HR Renewal 1.0 Feature Pack 4. The Workforce Viewer gives users an easy to use…

  4. Best Practices: Plan For and Implement SAP E-Recruiting

    Published: 15/June/2005

    Reading time: 22 mins

    SAPexperts/HR Key Concept SAP E-Recruiting sources and manages talent within and from outside your organization through enabling a talent relationship management (TRM) strategy. TRM combines an aggressive recruiting policy with Web-based recruiting tools. A sound TRM strategy focuses on the goals of a company and integrates software to complement those goals. SAP E-Recruiting offers significant…

  5. Control the Registration of External Programs in the Gateway

    Published: 03/May/2011

    Reading time: 3 mins

    Tip Doctor, Insider Learning Network. This tip was taken from “5 Tips for Securing Communication Between SAP Systems and External Programs” by Kehinde Eseyin, which was posted to the GRC Expert knowledgebase in July 2010. You can protect external programs from registration in the gateway by appropriately configuring the reginfo file. The reginfo file is…

  6. Live from SAPinsider Studio: Clemens Praendl on SAP Cloud for Analytics

    Clemens Praendl, SAP Senior Vice President and General Manager, Analytics, joins SAPinsider Studio at Reporting & Analytics 2015 to discuss the business value cycle in the context of SAP Cloud for Analytics. This is an edited transcript of the discussion. Ken Murphy, SAPinsider: Hi this is Ken Murphy with SAPinsider and I am here at…

  7. Live from SAPinsider Studio: JMC Steel on SAP BusinessObjects Analysis

    JMC Steel’s Kalyan Boggavarapu, BI Lead, and Kerry McGuigan, Director of Finance, visit with SAPinsider Studio during the 2015 Reporting & Analytics conference in Las Vegas to discuss the company’s move from SAP Business Explorer (BEx) to SAP BusinessObjects Analysis, edition for Microsoft Office. This is an edited transcript of the discussion: Ken Murphy, SAPinsider:…

  8. Live from SAPinsider Studio: Patrick Leonard on SAP BusinessObjects Information Steward

    Patrick Leonard, Senior Consultant at Decision First, a Protiviti Enterprise, joins Ken Murphy at SAPinsider Studio during the 2015 Reporting & Analytics conference in Las Vegas to discuss SAP BusinessObjects Information Steward. This is an edited transcript of the discussion: Ken Murphy, SAPinsider: Hi, this is Ken Murphy with SAPinsider and I am here at…

  9. Live from SAPinsider Studio: Epson America on BI, Building SAP HANA Business Case

    Abishek Uppal, BI Project Leader, Epson America, joins SAPinsider Studio at the 2015 Reporting & Analytics event in Las Vegas to discuss the company’s business intelligence (BI) use and roadmap. This is an edited transcript of the discussion: Ken Murphy, SAPinsider: Hi, this is Ken Murphy with SAPinsider, and I’m here at the SAPinsider Reporting…

  10. Live from SAPinsider Studio: SAP’s Irfan Khan and Jayne Landry on SAP HANA, Analytics, and the Roambi Acquisition

    Irfan Khan, CTO of SAP Global Customer Operations, and Jayne Landry, Global VP and GM for Business Intelligence, joined SAPinsider’s Ken Murphy at the BI-HANA-IoT 2016 conference to discuss insights shared during the event keynote. Topics of this discussion include: The importance of the Roambi acquisition – just announced at the event! – for SAP…