[email protected] +44 1256 406 601
SAP Assurance

SAP Assurance

Call Us: +44 1256 406 601 | Contact

Auditing SAP needs specialist skills to gain the desired level of assurance on the risks around an organisation’s implementation. An SAP implementation can evolve into being very complex over a period, with addition of satellite systems like CRM, SRM, HR; monitoring systems like Solution Manager and GRC, and external systems connecting to SAP using proprietary and other protocols.

A typical audit on Segregation of Duties or BASIS configuration may not reveal all the vulnerabilities and security risks underlying your SAP implementation. Our risk based approach can help you identify priority areas and help identify and resolve compliance and security issues on those areas.

    We can help you with carriage return :

  • Data privacy risks in SAP
  • Cyber Security risks and vulnerabilities of your SAP systems
  • Meeting compliance requirements (SOX, ISO,HIPAA)
  • Security Project Management and Project Assurance


  • SAP Penetration Testing
    We use industry leading SAP certified tools and expertise to test the resilience of your SAP systems against hacking and espionage attacks from inside or outside your network.
    Carriage return we identify the target SAP systems in your network, detect existing vulnerabilities, demonstrate the potential impact and provide remediation measures.
  • Compliance Audits
    We work as independent SOX auditors covering IT General Controls around your SAP installation, SAP application controls, and business process controls audits in SAP environment.
    Carriage return these services can be extended to other compliance frameworks like ISO 27001, Data Privacy regulations or other corporate compliance and audit programs.
  • SAP Project Risk Management
    We support the SAP projects with our expertise in Data Migration Validation, assurance on testing process, design of business process controls, inclusion of security best practices in the project design stage and project health reviews.
  • SAP Application Controls Design
    We can help Identify configuration and process gaps and suggest configuration and process changes that should be considered to strengthen the control design.
  • Segregation of Duties and GRC
    We assist our clients in review of the SAP authorisations and Segretation of Duties using GRC10 or other tools and definition of risks, controls and mitigation.This can include:
    • Definition of GRC implementation roadmap
    • Customisation of SAP GRC solution to specific organisation needs and requirementsSupport solution implementation
    • Design and configure reporting to help meet client regulatory, compliance and risk management needs
    • Conduct testing, remediation and training activities to maintain the effectiveness of the GRC programme, personnel, and policies
    • Internal Audit Support

We augment the existing internal audit teams by providing interim specialized support during audits and investigations around your SAP systems. We can provide support in the areas of BASIS.

We would be delighted to discuss your requirements and how we can help you gain assurance around your SAP systems.

Please call us on 01256406601