HOW TO AUDIT SAP™ R/3™ BASIS EARN CPE CREDITS

The International Leader
in Audit and Information
Security Training
EARN 30 CPE CREDITS
HOW TO AUDIT SAP™
R/3™ BASIS
High-Risk Areas in the SAP R/3 Infrastructure
and How to Mitigate Them
13th - 16th November 2006, London
COURSE DIRECTOR FRANK W. LYONS, CISA
In this four-day programme you will:
Learn how to audit the SAPTM R/3TM system infrastructure
Develop the necessary skills for tackling SAPTM R/3TM control
challenges
Gain a thorough understanding of how to implement and
manage an online and e-commerce based SAPTM R/3TM
environment
“A very good course which provides
the core knowledge required to audit
SAP R/3 Basis”
David Howell, HM Revenue & Customs
WWW.MISTIEUROPE.COM
SEMINAR FOCUS
AND FEATURES
DAY ONE
SAP™ R/3™ Fundamentals
Review
overall architecture
direct transaction process
High-Risk Areas in the SAP R/3 Infrastructure and How to
Mitigate Them
13th - 16th November 2006, London
Internet transaction process
e-commerce solutions
MySAP.com
B2B solutions
SAP™ R/3™Terms
This intensive, four-day seminar is designed for technical
auditors charged with auditing the infrastructure of the
SAP™ R/3™ system and focuses on the control
challenges inherent in implementing and managing an
online and e-commerce SAP™ R/3™ environment using
the Basis Module.
system & technical architecture
Internet Transaction Server (ITS)
audit and security features in the new
releases
SAP™ R/3™ Basis System
definition of the role of the Basis module
Prerequisite: You should have first attended SAP™ R/3™
Concepts and Audit Risks, or have equivalent experience
configuration settings for Basis
Learning Level: Advanced
standard profiles
programme controls: authentication,
defaults, transaction
activity groups
WHO SHOULD ATTEND
Internal, Financial, Operational, and Information Technology
Auditors; Security Professionals
standard authorisation
SAP™ R/3™ object definitions
data dictionary control and maintenance
ABAP/4 programming controls
processing types
object and component programming (RPCs),
User Exits, CPIC
COURSE
DIRECTOR
Understanding SAP™ R/3™
Communications
key objects
key processes
IDOCs
CPIC
ITS
ALE
Frank W. Lyons, CISA
Frank W. Lyons, CISA, is a consultant specialising in developing,
managing, securing, and auditing large and small networked information
systems. A recognised leader in the field, he has been involved in data
security and database technology for nearly 21 years. As IS Audit
Manager for Blue Shield and Sun Banks, Mr. Lyons designed a functional
approach to IS auditing that he later used as Manager of Advanced
Technology for the Institute of Internal Auditors. He has been with Cullinet
Database Systems and a partner in the Plagman Group where he
developed database auditing and data security seminars.
background processes
batch processes
EDI transaction control
network controls
middleware controls
remote communication controls
audit trails
DAY TWO
SAP™ R/3™ Records
user master
customer
vendor
other key master records
table maintenance controls
Real-World Solutions to
SAP™ R/3™ Audit and
Control
special rights and access
configuration and set-up problems and
controls
system administration and segregation of
duties
development rights
access building for SAP™ R/3™
Auditing Standards
business objects
user access
interface adviser
profile changes
activity groups and profile generator
authorisation change
DAY FOUR
transaction & document trails
Correction and Transport
System Control
log files
platform separation
archiving
configuring CTS
SAP™ R/3™ system logs
correction process
SAP™ R/3™ application logs
transport process
operating logs
version control
operating system audit capability
delta control
operating system audit logs
audit logs
database systems
authorisation process
DBMS logs & audit logs
table reporting
transaction logs
emergency fixes
user logs
testing approach
transaction type & activity logs
test decking
SAP R/3 audit tools and techniques
integrated testing facility
SAP™ R/3™ Administration
An Audit Approach
system and database administration
auditing the system tiers
security administration
auditing the infrastructure
Basis administration
evaluating audit trails
user administration changes
auditing the Basis Module
DAY THREE
conversion controls
system implementation
audit approach
Internet Transaction Server
definition
e-commerce solution
MySAP.com
transaction controls
BAPIs
programme control
database controls
B2B solutions
data integration between solutions sets
risk and control points
Case Study / Review
“Very useful course
in understanding
fraud audits and
how a fraudster
might attack an
organisation”
Audit Committee,
Civil Aviation Authority
Fee
GBP£1,995
Earn 30 CPE’s
IN-HOUSE
TRAINING
REGISTRATION FORM
Save up to 50% on training
Tailored Training for your team and Save up
to 50% If you have to comply with
Sarbanes-Oxley, just installed a new ERP
system, recruited new staff - or maybe you
are keen to secure your network, take
preventative measures to counteract fraud
or comply with the latest legislation. Either
way if you have 5 or more people who
require training on the same topic, MIS can
tailor training courses to meet your exact
We charge per day and NOT per
participant so the cost remains the same
regardless of how many people you have in
your team.
WEB
How to Audit SAP™ R/3™
Basis
5 easy ways to register
(please photocopy form for additional delegates)
Tel: +44 (0)20 7779 8944
13th - 16th November 2006, London
Fax completed form to:
+44 (0)20 7779 8293
(MT2008)
GBP £1,995
£
- 10% discount*
£
+ VAT @ 17.5%
£
Grand Total
£
Email: [email protected]
Web: www.mistieurope.com
*Discounts: Government, 10% off regular
fees. Please call to enquire about corporate
discounts. Discounts can not be used in
conjunction with each other.
Post completed form to:
Lisa Davies,
MIS Training, Nestor House,
Playhouse Yard,
London
EC4V 5EX UK
Fees must be paid in advance of the event.
First name
Save time on travel as the instructor will
travel to you. Furthermore, the training can
be held at the most convenient time for you.
Ensure the relevance of the seminar for
your organisation and industry. You may
wish to tailor the structure and
methodology of your seminar or customise
the seminar to meet the expertise levels of
your attending employees.
Please send me information on:
Oracle Training Week, 21st-25th
Surname
Title/Position
Organisation
E-Mail Address (Required)
Address
Country
Postcode
Telephone
Fax
The information you provide will be safeguarded by the Euromoney Institutional Investor PLC group whose
subsidiaries may use it to keep you informed of relevant products and services. We occasionally allow
reputable companies outside the Euromoney Institutional Investor PLC group to contact you with details of
products that may be of interest to you. As an international group we may transfer your data on a global
basis for the purposes indicated above. If you object to contact by telephone , fax , or email please
tick the relevant box. If you do not want us to share your information with other reputable companies
please tick this box .
Payment Information
Cheque enclosed (payable to MIS Training)
Please debit my credit card
Save money over public seminar fees in
addition to savings on travel and
accommodation costs.
Customer Information
Title
With In-House Training You
Will:
Please invoice my company PO#
AMEX VISA MasterCard
Card Number
Expiry
Cardholders name
Verification Code
Please include billing address if different from address given
Please note that in completing this booking you undertake to adhere to the cancellation
and payment terms listed below
Signature
Date
Approving Manager
Position
August 2006, Geneva
Sarbanes-Oxley the Next Step for IT
Audit, 20th-22nd September 2006,
London
SAP R/3 Concepts & Audit Risks,
11th-13th September 2006, London
In House Training
Registration Information
(fees must be paid in advance of the event)
Accommodation: MIS Training has negotiated
special accommodation rates at hotels in central
London. For further information please call IBR on
+44 (0) 1332 285521 or fax 0845 330 4982 (UK
only) or +44 (0) 1332 287613 (outside UK) or go to
www.ibr.co.uk/mis.
Cancellation Policy: Should a delegate be unable
to attend, a substitute may attend in his or her
place. Cancellations received within 21 working
days of the event are liable for the full seminar fee.
If full payment has been received you are eligible
for a 75% reduction on the next run of the
seminar. This discount will be valid for one year
only. MIS reserves the right to change or cancel
programmes due to unforeseen circumstances.
VAT: All delegates attending are liable to pay VAT.
After the event organisations registered for VAT in
the UK may reclaim the tax. Delegates from
outside the UK but within the European
Community may also be able to reclaim the VAT.
Organisations outside the UK should check with
their excise authority as to which domestic fiscal
regulations apply. High Yield/No-Risk
Guarantee: Attend these workshops and receive
tools and techniques that will help you do your job
better. If you do not, simply tell us why on your
company letterhead and we will give you a full
credit toward another programme.