Course Outline
Session 1 (4h)
Module 1 – S/4HANA Fundamentals for Auditors (2h)
- Basic architecture (ABAP, Fiori, catalogs/roles).
-
Key Changes vs. ECC:
- Business Partner.
- Universal Journal (ACDOCA).
- Workflows flexibles.
- AIS location today: transactions and equivalents in Fiori.
Module 2 – Access, roles and essential SoD (2h)
- Users, PFCG, SUIM, SU53, SU24 (authorizations by tcode).
- Fiori catalogs and roles (app-id, catalog, space).
- Basic SoD matrix and typical findings (e.g. creation and release in the same role).
Session 2 (4h)
Module 3 – Security logs and traces (3h)
- Security Audit Log (SM19/SM20): activation, filters, reading.
- STAD/ST03N: usage statistics, sessions and peaks.
- Read Access Logging (RAL): concept and when to use it.
- Good practices for evidence retention and export.
Module 4 – Configuration changes and sensitive data (1h)
- SCU3 (change documents), SCC4 (change policy).
- Critical parameters (RZ10/RZ11): reading and evidence.
Session 3 (4h)
Module 5 – Process Controls (FI/MM/SD) in S/4 (4h)
- FI: tolerances, OB52 (periods), segregation in entries, journal approval (workflow).
- MM: release strategies, limits, single supplier, changes in conditions.
- SD: Credit limits (FSCM Credit Management), price/condition changes.
- BP: controls on creation/exchange, fiscal/banking sensitivity.
- Risk-driven sampling and selection techniques.
Session 4 (4h)
Module 6 – Comprehensive laboratory + reporting (3h)
- Raise roles and access of a critical user.
- Trace operation (buy/sell) and obtain evidence (SM20/SCU3).
- Document findings with catches and exports.
- Preparation of working papers and traceability.
Module 7 – Closure and action plan (1h)
- Internal control checklist in S/4.
- Prioritization of findings and recommendations.
Deliverables:
- Checklist of 20+ controls (FI/MM/SD/BP).
- Quick guide to SM19/SM20, SUIM, SCU3, STAD/ST03N.
Requirements
- An understanding of basic auditing principles
- Experience with SAP systems
- Familiarity with compliance and control frameworks
Audience
- Auditors
- Internal control specialists
- SAP security consultants
- Compliance officers
Testimonials (3)
Teacher knolage
Collin Sampson
Course - SAP S/4HANA Overview (S4H00)
We have learnt so many things that we didn't know before.
Lebogang Kgosiesele - Lucara Botswana
Course - SAP S/4 HANA PP (Production Planning)
Ayman was a very good trainer. He explained our doubts and was very easy to understand. He gave satisfactory answer to all questions we raised.