Integrated Auditing of ERP SystemsERP系统综合审计
2002-11
吉林长白山
Musaji, Yusufali F.
278
无
The late 1990s witnessed a boom in companies investing in multimillion dollar Enterprise Resource Planning (ERP) systems, comprehensive technologies that increase efficiency and profitability by placing all business transactions under one inclusive system. Yet the benefits of ERP systems come with a larger degree of risk. Supply-chain links to other companies, employee access to a greater amount of business information, and newer extract reporting features likewise introduce new risk factors that must be managed. With most Fortune 500 companies and other large organizations now depending on SAP, Oracle, Peoplesoft, and other ERP systems as key components to their strategic growth, it is critical for companies to reduce risk and ensure that their ERP systems operate at maximum efficiency. Integrated Auditing of ERP Systems presents a structured methodology designed to automate the drudgery of implementing an ERP system and provides organized approaches to problem-solving by listing, diagramming, and documenting all steps. Approaching ERP systems as an engineering discipline rather than as whims of individual software developers, structured methodologies standardize ERP implementation and maintenance, thereby reducing critical risk factors. IT auditing expert Yusufali Musaji breaks the ERP life cycle into six definitive steps: Project definition and requirement analysis External design Internal design Preimplementation Implementation Postimplementation: evaluating controls and debugging Musaji walks readers through each step of the ERP process, explaining each component’s significance and thus eliminating sources of confusion and error. In addition to the structured methodology underlying ERP, Integrated Auditing of ERP Systems explains the complex multilayered structure of data and how access by thousands of users is managed. It maps out how to conduct an integrated ERP audit and contains sample audit tests to help the reader understand difficult concepts. The book concludes with a chapter on SAP architecture, showing the reader how to adopt general techniques to their targeted SAP needs. The unified nature of an ERP system promises businesses fewer errors, improved speed and efficiency, and more complete access to information. The structured methodology and auditing techniques presented in Integrated Auditing of ERP Systems empowers IS auditors, IT managers, and chief security officers to achieve maximum ERP efficiency at minimum risk. 作者简介: Yusufali F. Musaji, CGA, CISA, CISSP, is Founder, Director, and President of Ali's N Y Consulting, Inc., an IT and financial consulting firm specializing in computer publishing. Mr. Musaji's experience embraces the full spectrum of financial, orperational, and IT disciplines required of state-of-the-art organizations.
PrefaceChapter 1 ERP System Implementation Overview Chapter 2 ERP System Vulnerabilities and Controls Chapter 3 ERP Life Cycle Appendix 3A: Project Definition and Requirements Analysis Phase Audit Tests Appendix 3B: External and Internal Design Phases Audit Tests Appendix 3C: Pre-implementation Phase Chapter 4 Change Management Example 4A: Process Framework for ERP System Group Example 4B: Organizational Roles and Responsibilities for ERP Systems Engineering Example 4C: Organizational Roles and Responsibilities for Data Management Example 4D: Organizational Roles and Responsibilities for ERP Production SystemChapter 5 Post-implementation Issues and ControlsChapter 6 SAP Overview and Basis Component ReviewIndex
无
Integrated Auditing of ERP SystemsERP系统综合审计 PDF格式下载