The ones which fall through the net: plausibility and SAP security
In some areas of process standardization, compliance and correctness or access restrictions, it is sometimes quite difficult, if not impossible, to assign them to one of the classic processes of purchasing, sales or fixed assets. However, this does not mean that audit questions such as superuser activities, separation of duty conflicts or weekend bookings are […]
zap Audit investigates: Could an imprisonable offence have been avoided?
In Hamburg, a decision was made at the beginning of the year about a particularly serious case of embezzlement and forgery. We looked into the case and came to the conclusion that a company could have discovered the fraud itself with the help of zap Audit. How? That’s what we are going to explain in […]
Dr. Strangelove or: How I Learned to Hack SAP Passwords
Having covered the system-wide profile parameters necessary for assigning passwords in SAP in our last blog post, we are now going to “get our hands dirty” and show you, step-by-step, how insecure password hashes can be cracked in SAP. Where can I find the password hashes in SAP? As already mentioned in the previous blog […]
Living from hand to mouth? How to run a first liquidity check on your customers
Having taken a look in our last two blog posts at the various accounts receivables and individual customers, we will now look at some simple statistics, examine the correlation between certain parameters and view the results as Excel charts. If you missed the last two blog posts, you can access them by clicking on the […]
When payments become a moral matter: How fast do your customers pay?
Analyzing the receivables accounts in SAP gives you an initial feel for how receivables are distributed. But it does not let you say anything in detail about the payment behavior of individual customers. For this reason, in this article, we will take a more in-depth look at individual customers and compare them with each other. […]
Do customers always pay on time?
In extreme cases, non-payments can cause companies to get into real trouble. That’s why we will be taking a closer look at this topic – one which is well known to auditors – over the course of the coming weeks. The end of the year is slowly but surely drawing near, and, for many companies, […]
Automated Audit of Purchase-to-Pay in SAP
In this second blog post on auditing of purchase-to-pay in SAP, I would like to present the automated approach in greater detail, taking a look at all its various aspects. A lot of these analyses can of course be executed manually, but this is very time-consuming to do and thus should be avoided. Purchase-to-pay master […]
Step-by-step procedure for auditing purchase-to-pay in SAP
The biggest and most well-known area of SAP auditing must be purchase-to-pay. Almost one third of our indicators fall into this category. That alone is reason enough for us to devote an extensive two-part blog series to the subject. Before going into things in more detail, we first need to describe the fundamentals of auditing […]
7 Things every Auditor has to Know about Fixed Assets
Between the acquisition of an asset and its retirement, there can be many stumbling blocks along the way. By using data analysis in SAP, an auditor can find out a great deal. That is the reason why I would like to introduce you to the basics of a fixed asset audit and the challenges that […]
Process Mining for Dummies (part 3)
In the third and final part of this series, I would like to introduce you to the three known forms of process mining and to highlight some of the challenges of this discipline. While Process Mining may sound very comfortable and easy to implement, if the solutions are not fully, or at least partially automated, […]