Leveraging SAP Grc in the Fight Against Corruption and Fraud

Leveraging SAP Grc in the Fight Against Corruption and Fraud

Author: Maxim Chuprunov

Publisher: Espresso Tutorials

Published: 2018-01-30

Total Pages: 226

ISBN-13: 9783960126607

DOWNLOAD EBOOK

In many companies, GRC is predominantly used to help ensure the correctness of external financial reporting. This book shows you how you can also use GRC components to detect and prevent corruption and fraud. Walk through an overview on the solutions available in the SAP GRC Suite, as well as the new SAP applications for Assurance and Compliance. You will learn how to benefit from SAP HANA in Big Data scenarios and obtain guidelines on how to set up detection scenarios in SAP Fraud Management. The author expertly shows readers that the key to a successful GRC initiative does not lie in the features and functions of a specific software product. Understand the drivers for efficiency and the multi-layered added value of automating. In addition, you will learn the basics to provide a tool-independent foundation for the automation of a group-wide anti-corruption initiative. - Risk management and internal control systems - Design and implement an anti-corruption initiative - Automated drivers and added value GRC - Detection scenarios using SAP Fraud Management and SAP HANA


Access Risk Management in SAP

Access Risk Management in SAP

Author: Bianca Folkerts

Publisher: Espresso Tutorials GmbH

Published: 2023-05-16

Total Pages: 159

ISBN-13: 3960122012

DOWNLOAD EBOOK

Do you need expert guidance on how to plan, implement, and run access analyses? This book takes a practical approach to customer-specific SAP rulesets for compliance managers, GRC teams, identity and access management teams, as well as administrators running these systems. Identify types of risk and the tools available. Take a look at use cases and tools for risk analysis and explore how to optimize processes, quality of authorization roles and concepts, transparency of access rights to data, and functions for data and process owners. Explore key considerations for evaluating a tool for hosting a using a risk catalog. Take a look at limitations of risk catalogs and learn more about a methodology for customizing standard access to the risk catalog. Find out why the authors recommend starting with a small access risk catalog before move onto more complex landscapes. Take away best practices for bringing end users up to speed. - Considerations for hosting and using a risk catalog - Limitations of risk catalogs - methodology for customizing standard access - Risk handing process


A Practical Guide to Cybersecurity in SAP

A Practical Guide to Cybersecurity in SAP

Author: Julie Hallett

Publisher: Espresso Tutorials GmbH

Published: 2021-02-04

Total Pages: 123

ISBN-13: 3960125372

DOWNLOAD EBOOK

SAP environments are internally integrated with, and through, cloud and hybrid cloud solutions. This interconnection, both within and external to the firewall, creates a level of vulnerability that, if exploited, could compromise a company’s intellectual property, employee and supplier information, and trade secrets. This book breaks down the application of cybersecurity, as it applies to SAP, into actionable items that can be communicated and implemented into existing security frameworks. You will understand why cybersecurity applies to SAP, how it integrates with cybersecurity Initiatives within an organization, and how to implement a security framework within SAP. This expertly written guide provides a targeted cybersecurity education for SAP managers, architects, and security practitioners. The author explores the technical aspects of implementing cybersecurity policies and procedures using existing tools and available SAP modules. Readers will gain a solid understanding of what a cybersecurity program does, what security frameworks are used for, how to assess and understand risk, and how to apply mitigating controls. By using practical examples, tips, and screenshots, this book covers: - Cyber risk in the SAP landscape - How to harden security - Cybersecurity risk management programs in SA - Risk mitigation for threats


A Practical Guide to Cybersecurity Governance for SAP

A Practical Guide to Cybersecurity Governance for SAP

Author: Juliet Hallett

Publisher: Espresso Tutorials GmbH

Published: 2023-11-24

Total Pages: 114

ISBN-13: 3960122624

DOWNLOAD EBOOK

There is a lot of misunderstanding about how to apply cybersecurity principles to SAP software. Management expects that the SAP security team is prepared to implement a full cybersecurity project to integrate SAP software into a new or existing company cybersecurity program. It’s not that simple. This book provides a practical entry point to cybersecurity governance that is easy for an SAP team to understand and use. It breaks the complex subject of SAP cybersecurity governance down into simplified language, accelerating your efforts by drawing direct correlation to the work already done for financial audit compliance. Build a practical framework for creating a cyber risk ruleset in SAP GRC 12.0, including SOX, CMMC, and NIST controls. Learn how to plan a project to implement a cyber framework for your SAP landscape. Explore controls and how to create control statements, plan of action and milestone (POA&M) statements for remediating deficiencies, and how to document con- trols that are not applicable. The best controls in the world will not lead to a successful audit without the evidence to back them up. Learn about evidence management best practices, including evidence requirements, how reviews should be conducted, who should sign off on review evidence, and how this evidence should be retained. - Introduction to cybersecurity framework compliance for SAP software - SAP-centric deep dive into controls - How to create a cyber risk ruleset in SAP GRC - Implementing a cyber framework for your SAP landscape


World Development Report 2020

World Development Report 2020

Author: World Bank

Publisher: World Bank Publications

Published: 2019-11-19

Total Pages: 545

ISBN-13: 1464814953

DOWNLOAD EBOOK

Global value chains (GVCs) powered the surge of international trade after 1990 and now account for almost half of all trade. This shift enabled an unprecedented economic convergence: poor countries grew rapidly and began to catch up with richer countries. Since the 2008 global financial crisis, however, the growth of trade has been sluggish and the expansion of GVCs has stalled. Meanwhile, serious threats have emerged to the model of trade-led growth. New technologies could draw production closer to the consumer and reduce the demand for labor. And trade conflicts among large countries could lead to a retrenchment or a segmentation of GVCs. World Development Report 2020: Trading for Development in the Age of Global Value Chains examines whether there is still a path to development through GVCs and trade. It concludes that technological change is, at this stage, more a boon than a curse. GVCs can continue to boost growth, create better jobs, and reduce poverty provided that developing countries implement deeper reforms to promote GVC participation; industrial countries pursue open, predictable policies; and all countries revive multilateral cooperation.


Corruption, Crime and Compliance

Corruption, Crime and Compliance

Author: Michael Volkov

Publisher: Ethics 360 Media

Published: 2011-10

Total Pages: 178

ISBN-13: 9789810898458

DOWNLOAD EBOOK

Michael Volkov's career has spanned 30 years as an attorney in Washington, D.C. - as a federal prosecutor, a Chief Counsel on the Senate and House Judiciary Committees, a trial attorney in the Antitrust Division and in private practice. This book will help anyone better understand anti-bribery compliance in the U.S. and beyond. "Michael Volkov's book is a compilation of articles on a number of subjects important to lawyers advising clients how to stay out of trouble. He is a prolific writer and I can say without question, we have not heard the last of his musings. Simply put, his book contains important information that should prove helpful to lawyers, particularly to those who practice in the white collar field." - Judge Stanley Sporkin, Former Director of the Division of Enforcement, U.S. Securities and Exchange Commission.


Auditing and GRC Automation in SAP

Auditing and GRC Automation in SAP

Author: Maxim Chuprunov

Publisher: Springer Science & Business Media

Published: 2013-04-09

Total Pages: 547

ISBN-13: 3642353029

DOWNLOAD EBOOK

Over the last few years, financial statement scandals, cases of fraud and corruption, data protection violations, and other legal violations have led to numerous liability cases, damages claims, and losses of reputation. As a reaction to these developments, several regulations have been issued: Corporate Governance, the Sarbanes-Oxley Act, IFRS, Basel II and III, Solvency II and BilMoG, to name just a few. In this book, compliance is understood as the process, mapped not only in an internal control system, that is intended to guarantee conformity with legal requirements but also with internal policies and enterprise objectives (in particular, efficiency and profitability). The current literature primarily confines itself to mapping controls in SAP ERP and auditing SAP systems. Maxim Chuprunov not only addresses this subject but extends the aim of internal controls from legal compliance to include efficiency and profitability and then well beyond, because a basic understanding of the processes involved in IT-supported compliance management processes are not delivered along with the software. Starting with the requirements for compliance (Part I), he not only answers compliance-relevant questions in the form of an audit guide for an SAP ERP system and in the form of risks and control descriptions (Part II), but also shows how to automate the compliance management process based on SAP GRC (Part III). He thus addresses the current need for solutions for implementing an integrated GRC system in an organization, especially focusing on the continuous control monitoring topics. Maxim Chuprunov mainly targets compliance experts, auditors, SAP project managers and consultants responsible for GRC products as readers for his book. They will find indispensable information for their daily work from the first to the last page. In addition, MBA, management information system students as well as senior managers like CIOs and CFOs will find a wealth of valuable information on compliance in the SAP ERP environment, on GRC in general and its implementation in particular.


Beginner`s Guide to SAP Security and Authorizations

Beginner`s Guide to SAP Security and Authorizations

Author: Tracy Juran

Publisher: Espresso Tutorials GmbH

Published: 2016-04-14

Total Pages: 124

ISBN-13:

DOWNLOAD EBOOK

SAP has a wide range of built-in functionality to meet various security requirements, including network protection, data protection, and SAP authorizations. This book will focus on the application of SAP authorizations and how user access can be limited by transaction codes, organizational levels, field values, etc. Explore the basic architecture of SAP Security and Authorizations, including user master records, roles, profiles, authorization object classes, authorization objects, and authorization fields. Dive into how to create user profiles and assign roles. Get tips on leveraging the profile generator transaction, PFCG. Obtain valuable tools and tables for identifying user master records and role and authorization information. By using practical examples, tips, and screenshots, the author brings readers new to SAP Security and Authorizations up to speed. - Basic architecture of SAP Security and Authorizations - GRC Access Control introduction - User profile creation and role assignments - Common security and authorization pain point troubleshooting


Corruption, Politics and Development

Corruption, Politics and Development

Author: H. Marquette

Publisher: Springer

Published: 2003-11-04

Total Pages: 278

ISBN-13: 1403943737

DOWNLOAD EBOOK

In 1997, the World Bank announced a strategy to help its borrowers combat corruption, despite earlier claims that work of this kin violated the Bank's non-political mandate. Despite many attempts to reshape corruption as an economic issue rather than a political one, the non-political mandate has never been satisfactorily addressed. Heather Marquette argues that the Bank should focus in its strengths and avoid the more controversial components of its anti-corruption programme, which threaten its credibility.