The International Leader in Audit and Information Security Training EARN 30 CPE CREDITS HOW TO AUDIT SAP™ R/3™ BASIS High-Risk Areas in the SAP R/3 Infrastructure and How to Mitigate Them 13th - 16th November 2006, London COURSE DIRECTOR FRANK W. LYONS, CISA In this four-day programme you will: Learn how to audit the SAPTM R/3TM system infrastructure Develop the necessary skills for tackling SAPTM R/3TM control challenges Gain a thorough understanding of how to implement and manage an online and e-commerce based SAPTM R/3TM environment “A very good course which provides the core knowledge required to audit SAP R/3 Basis” David Howell, HM Revenue & Customs WWW.MISTIEUROPE.COM SEMINAR FOCUS AND FEATURES DAY ONE SAP™ R/3™ Fundamentals Review overall architecture direct transaction process High-Risk Areas in the SAP R/3 Infrastructure and How to Mitigate Them 13th - 16th November 2006, London Internet transaction process e-commerce solutions MySAP.com B2B solutions SAP™ R/3™Terms This intensive, four-day seminar is designed for technical auditors charged with auditing the infrastructure of the SAP™ R/3™ system and focuses on the control challenges inherent in implementing and managing an online and e-commerce SAP™ R/3™ environment using the Basis Module. system & technical architecture Internet Transaction Server (ITS) audit and security features in the new releases SAP™ R/3™ Basis System definition of the role of the Basis module Prerequisite: You should have first attended SAP™ R/3™ Concepts and Audit Risks, or have equivalent experience configuration settings for Basis Learning Level: Advanced standard profiles programme controls: authentication, defaults, transaction activity groups WHO SHOULD ATTEND Internal, Financial, Operational, and Information Technology Auditors; Security Professionals standard authorisation SAP™ R/3™ object definitions data dictionary control and maintenance ABAP/4 programming controls processing types object and component programming (RPCs), User Exits, CPIC COURSE DIRECTOR Understanding SAP™ R/3™ Communications key objects key processes IDOCs CPIC ITS ALE Frank W. Lyons, CISA Frank W. Lyons, CISA, is a consultant specialising in developing, managing, securing, and auditing large and small networked information systems. A recognised leader in the field, he has been involved in data security and database technology for nearly 21 years. As IS Audit Manager for Blue Shield and Sun Banks, Mr. Lyons designed a functional approach to IS auditing that he later used as Manager of Advanced Technology for the Institute of Internal Auditors. He has been with Cullinet Database Systems and a partner in the Plagman Group where he developed database auditing and data security seminars. background processes batch processes EDI transaction control network controls middleware controls remote communication controls audit trails DAY TWO SAP™ R/3™ Records user master customer vendor other key master records table maintenance controls Real-World Solutions to SAP™ R/3™ Audit and Control special rights and access configuration and set-up problems and controls system administration and segregation of duties development rights access building for SAP™ R/3™ Auditing Standards business objects user access interface adviser profile changes activity groups and profile generator authorisation change DAY FOUR transaction & document trails Correction and Transport System Control log files platform separation archiving configuring CTS SAP™ R/3™ system logs correction process SAP™ R/3™ application logs transport process operating logs version control operating system audit capability delta control operating system audit logs audit logs database systems authorisation process DBMS logs & audit logs table reporting transaction logs emergency fixes user logs testing approach transaction type & activity logs test decking SAP R/3 audit tools and techniques integrated testing facility SAP™ R/3™ Administration An Audit Approach system and database administration auditing the system tiers security administration auditing the infrastructure Basis administration evaluating audit trails user administration changes auditing the Basis Module DAY THREE conversion controls system implementation audit approach Internet Transaction Server definition e-commerce solution MySAP.com transaction controls BAPIs programme control database controls B2B solutions data integration between solutions sets risk and control points Case Study / Review “Very useful course in understanding fraud audits and how a fraudster might attack an organisation” Audit Committee, Civil Aviation Authority Fee GBP£1,995 Earn 30 CPE’s IN-HOUSE TRAINING REGISTRATION FORM Save up to 50% on training Tailored Training for your team and Save up to 50% If you have to comply with Sarbanes-Oxley, just installed a new ERP system, recruited new staff - or maybe you are keen to secure your network, take preventative measures to counteract fraud or comply with the latest legislation. Either way if you have 5 or more people who require training on the same topic, MIS can tailor training courses to meet your exact We charge per day and NOT per participant so the cost remains the same regardless of how many people you have in your team. WEB How to Audit SAP™ R/3™ Basis 5 easy ways to register (please photocopy form for additional delegates) Tel: +44 (0)20 7779 8944 13th - 16th November 2006, London Fax completed form to: +44 (0)20 7779 8293 (MT2008) GBP £1,995 £ - 10% discount* £ + VAT @ 17.5% £ Grand Total £ Email: [email protected] Web: www.mistieurope.com *Discounts: Government, 10% off regular fees. Please call to enquire about corporate discounts. Discounts can not be used in conjunction with each other. Post completed form to: Lisa Davies, MIS Training, Nestor House, Playhouse Yard, London EC4V 5EX UK Fees must be paid in advance of the event. First name Save time on travel as the instructor will travel to you. Furthermore, the training can be held at the most convenient time for you. Ensure the relevance of the seminar for your organisation and industry. You may wish to tailor the structure and methodology of your seminar or customise the seminar to meet the expertise levels of your attending employees. Please send me information on: Oracle Training Week, 21st-25th Surname Title/Position Organisation E-Mail Address (Required) Address Country Postcode Telephone Fax The information you provide will be safeguarded by the Euromoney Institutional Investor PLC group whose subsidiaries may use it to keep you informed of relevant products and services. We occasionally allow reputable companies outside the Euromoney Institutional Investor PLC group to contact you with details of products that may be of interest to you. As an international group we may transfer your data on a global basis for the purposes indicated above. If you object to contact by telephone , fax , or email please tick the relevant box. If you do not want us to share your information with other reputable companies please tick this box . Payment Information Cheque enclosed (payable to MIS Training) Please debit my credit card Save money over public seminar fees in addition to savings on travel and accommodation costs. Customer Information Title With In-House Training You Will: Please invoice my company PO# AMEX VISA MasterCard Card Number Expiry Cardholders name Verification Code Please include billing address if different from address given Please note that in completing this booking you undertake to adhere to the cancellation and payment terms listed below Signature Date Approving Manager Position August 2006, Geneva Sarbanes-Oxley the Next Step for IT Audit, 20th-22nd September 2006, London SAP R/3 Concepts & Audit Risks, 11th-13th September 2006, London In House Training Registration Information (fees must be paid in advance of the event) Accommodation: MIS Training has negotiated special accommodation rates at hotels in central London. For further information please call IBR on +44 (0) 1332 285521 or fax 0845 330 4982 (UK only) or +44 (0) 1332 287613 (outside UK) or go to www.ibr.co.uk/mis. Cancellation Policy: Should a delegate be unable to attend, a substitute may attend in his or her place. Cancellations received within 21 working days of the event are liable for the full seminar fee. If full payment has been received you are eligible for a 75% reduction on the next run of the seminar. This discount will be valid for one year only. MIS reserves the right to change or cancel programmes due to unforeseen circumstances. VAT: All delegates attending are liable to pay VAT. After the event organisations registered for VAT in the UK may reclaim the tax. Delegates from outside the UK but within the European Community may also be able to reclaim the VAT. Organisations outside the UK should check with their excise authority as to which domestic fiscal regulations apply. High Yield/No-Risk Guarantee: Attend these workshops and receive tools and techniques that will help you do your job better. If you do not, simply tell us why on your company letterhead and we will give you a full credit toward another programme.