SAP SOX Compliance


What Is SOX Compliance?

The Sarbanes-Oxley Act (SOX) of 2002 requires financial transparency by U.S. public companies, ensuring their data is secure and accurate. Drafted by Congressmen Paul Sarbanes and Michael Oxley following several U.S. corporate and financial scandals, SOX compliance means having a formalized system for internal controls — one that provides full financial transparency.

A blog post explores how critical SAP governance, risk management, and compliance (GRC) is for SOX compliance. The author points out that two sections (Section 302 and Section 404) are the most important and relevant for SAP GRC and finance users.

An SAP SOX compliance checklist should address the following:

  • Segregation of duties
  • SAP GRC monitoring
  • Safeguard SOX audit trails against emergency access
  • Automate SAP audit reporting

Further Resources for SAPinsiders

Accounting & Finance Expands Its Influence. In this article, learn how UGI Utilities developed a strategic roadmap to better anticipate internal and external demands on the business — including regulations such as SOX. The utility shares how using BlackLine and its task functionality provides intuitive controls for SOX compliance.

Beyond SOX: Addressing non-financial risks through SAP configuration and sound supporting processes. Often, compliance is a focal point during SAP implementation to ensure compliance with financial reporting and regulations, such as SOX. However, there are optional SAP controls that could provide even more value to companies’ SAP system and supporting processes. In this session, Steve Biskie from RSM shares how to minimize and mitigate operational and strategic risks through SAP configuration. Understand who in the organization should be involved in recommending and validating control changes, and how to set up an appropriate cross-functional team to ensure decisions are sound and don’t introduce other risks.

Bridging the Cybersecurity Gap in IT General Controls (ITGC). Compliance with regulations like SOX often requires a set of controls in place to mitigate risks to the integrity of financial reporting. Current ITGC testing performed by internal and external auditors is only focused on one slice of access risk. In this session, Brian Tremblay from Onapsis shares why it’s critical to understand the threats that exist to your SAP system beyond the current ITGC scope and how they relate to compliance with SOX.

 

A vendor that can help SAP customers with SOX compliance is Appsian Security. The provider offers a single platform for automating how users secure user identity, govern access, detect and prevent fraud, and demonstrate compliance with SOX, the General Data Protection Regulation, and more across critical business applications.  

966 results

  1. Delivery Hero’s Internal Audit Function Delivers an Amazing Stakeholder Experience

    Published: 14/May/2021

    Reading time: 6 mins

    If your organization is dispersed throughout the globe, you may face similar auditing challenges as Delivery Hero, a €2.8 billion firm that operates local online food ordering and delivery services in more than 50 countries. Delivery Hero decided to overhaul its internal audit (IA) function to align it with strategic objectives better to meet global…

  2. Shift to Remote Work Underscores Need for a Robust Identity and Access Management Program

    Published: 28/May/2021

    Reading time: 2 mins

    As a result of the COVID-19 pandemic, remote workforce models are likely here to stay. This shift magnifies the importance of organizations guaranteeing that only authorized individuals can access their network and data. The best way to prevent unauthorized users from entering SAP systems is through a robust and automated identity and access management (IAM)…

  3. Event Blog- Securing your SAP Landscape

    Published: 24/June/2021

    Reading time: 1 mins

    These resources are brought to you by SAPinsider’s Securing your SAP Landscape virtual summit. Join us for live sessions, discussions, and interactive roundtables on August 11th, beginning at 10 AM EST.

  4. Procurement Transformation: Automation in P2P

    Published: 29/July/2021

    Reading time: 2 mins

    As we move towards a digital economy, supply chain organizations are faced with finding new and innovative ways to transform and drive efficiencies — either through elimination or automation. A focus area for many of these organizations is repetitive and/or administrative low- to non-value-added tasks. A prime candidate for this initiative is the procure-to-pay process…

  5. Vertex Talks VAT and Chain Flow Accelerator

    Published: 16/August/2021

    Reading time: 2 mins

    By: Rizal Ahmed, Chief Research Officer, and Ogo Nwanyanwu, Research Director, Financial Management & Technology. Growing e-filing requirements and VAT regulation updates continue to elevate the cost burden and risk quotient associated with indirect tax management. Organizations navigating international trade activity in the current environment are seeing new regulations and tax guidelines create supply chain…

  6. NNS Implements SAP S/4HANA to Enable Digital Shipbuilding

    Published: 23/September/2021

    Reading time: 4 mins

    Newport News Shipbuilding (NNS) builds the ships at the heart of the U.S. Navy’s strategic force: aircraft carriers and nuclear submarines. With $5 billion in revenues and more than 25,000 employees, Va.-based NNS is the largest military shipbuilding company in the United States. As it…

  7. SAP Customers Expand Global Footprints

    Published: 30/September/2021

    Reading time: 6 mins

    A popular approach for enterprises that want to transform – developing a global presence – is driving technology adoption. SAPinsider’s Chief Research Officer, Riz Ahmed, sat down with SAP’s Global Head of SAP Enterprise Adoption, Eva Zauke, to better understand this trend. According to Zauke, “the intelligent enterprise needs to do more than just span processes and…

  8. Impact20: ONESOURCE – Efficiency Through Connectivity

    Learn how the ONESOURCE platform can deliver connectivity and compliance for finance teams by utilising APIs and discover how Statutory Reporting content for compliance. · ONESOURCE Statutory Reporting content for compliance · Demo of how APIs can link SAP to ONESOURCE Statutory Reporting and the efficiency this delivers

  9. Contract Intelligence as a Competitive Differentiator

    Published: 01/April/2022

    Reading time: 6 mins

    As technology around us has evolved exponentially, so have solutions that help organizations leverage technology as an enabler. One such category of solutions is contract lifecycle management solutions. Since the early days of manually drafting contracts that went through several review cycles, contract lifecycle management has come a long way, thanks to technology. This article…

  10. Role Assignment Automation: Finding the Balance of Technology and Process

    Published: 03/May/2022

    Reading time: 2 mins

    Role assignment is fundamental to access control. How can technology and automation help reduce risk and manual effort?