zap Audit keeps on developing

by Dennis Jürgensen on Jan 18, 2018 4:45:00 PM

The new version of zap Audit is currently in the beta phase and we have invested a great deal of time in preparing this new release, listened carefully to the conversations we have had with our customers and implemented some of the requests we have received from you. Of course, this has all been done to make it easier and more efficient for you, our customers, to work with zap Audit, for example, by further reducing false positives, or giving you the option to filter results by document type, account, customer, vendor, and much more. In this blog post, we will first discuss the new features in the area of indicators, before introducing the other new features step-by-step in forthcoming posts.

Did you catch "December fever" too?

by Dennis Jürgensen on Jan 11, 2018 4:45:00 PM

For many, if not all of you, December 31st was the balance sheet date for the past fiscal year. Many departments / heads of department seize the opportunity to fully use up any budget that they may have managed to save at the end of the year. This phenomenon to completely use up funds which have been allocated but not yet spent at the end of the year is sometimes also known as "December fever". Of course, we do not want to imply any bad intentions, but some of us may even have taken the opportunity in order to be able to demand at least the same, if not even more budget next year. Reason enough for us to take a look at the volume and the amount of orders compared to the rest of the year.

Santa was not the only one handling orders for presents...

by Dennis Jürgensen on Jan 4, 2018 4:45:00 PM

The past year is a thing of the past and according to a survey conducted by Adobe, 51 percent of Germans intended to order all their gifts online. A majority of respondents cited low prices as the main reason for this mania for online shopping [1]. But what about the orders your company places? Are they always determined by seeking economic benefits, or are they standardized processes? In this blog post, we will show you which analyses you can use to find answers to these questions.

Duplicate Payments: I want my money back!

by Prof. Dr. Nick Gehrke on Dec 14, 2017 4:45:00 PM

Duplicate payments are always a hot topic. Due to poor organization, invoices being paid twice is something that happens over and over again. Even in well-defined organizations, duplicate payments occur again and again when the volume of transactions is high. In this blog post, I will explain some advanced methods for detecting duplicate payments in SAP. This is where the Data Scientist really comes into his/her own. It also explains for how long you can still claim duplicate payments back from vendors. That by contrast is something for people who have a liking for the more legal side of things.

Two is always better than one - except when it comes to master data!

by Prof. Dr. Nick Gehrke on Dec 7, 2017 4:45:00 PM

Master data controls all business processes. If master data is not maintained correctly, errors are "passed on" to business transactions and something is pretty much guaranteed to go wrong as a result. Similar problems arise if master data in SAP is not unique because duplicate entries exist. This blog post explains what the specific problems relating to master data duplicates are and how they arise in a business environment. As is befitting for any decent SAP Audit Blog post, it will of course also reveal how to locate master data duplicates for vendors and debtors in SAP, and then clean up them properly.

Using data analysis to uncover fraud

by Dennis Jürgensen on Nov 30, 2017 4:45:00 PM

Over the past few weeks, we have looked at weak password hashes in SAP in quite some detail. Having previously already presented a conceivable scenario for exploiting such a vulnerability, as well as a guide to hacking weak password hashes and the measures to be taken to protect against it, in this blog post, we will be showing you how to use data analyses to detect potential fraud.

4½ procedures for preventing weak password hashes in SAP

by Dennis Jürgensen on Nov 23, 2017 4:45:00 PM

Of course, we don't want to leave you out in the cold after the scenario we described last week and the kind of heavy financial losses that can be occurred as a result. For this reason, in this blog post, we will describe how the SAP ICS can be used to take preventive action, or even better to ensure that weak password hashes do not occur in the first place.

Shockheaded (Hash) Peter: If you play with fire,...

by Dennis Jürgensen on Nov 16, 2017 4:45:00 PM

...you will get burned. That is pretty much how you could sum up the lesson to be drawn from the scenario we are going to describe below. If you are aware of the risk of using weak password hashes and do nothing, you shouldn’t be surprised by the damage that can result. The following story illustrates just how quickly things can unfold.

It's Data Science Time: Share your audit challenges with us!

by Prof. Dr. Nick Gehrke on Nov 9, 2017 4:45:00 PM

"We interrupt the current program for an important announcement." When you hear a sentence like that on the radio or television these days, you usually don't have a very good feeling at first. This time, however, we would ask you to hear us out.

The ones which fall through the net: plausibility and SAP security

by Dennis Jürgensen on Nov 2, 2017 4:45:00 PM

In some areas of process standardization, compliance and correctness or access restrictions, it is sometimes quite difficult, if not impossible, to assign them to one of the classic processes of purchasing, sales or fixed assets. However, this does not mean that audit questions such as superuser activities, separation of duty conflicts or weekend bookings are any less critical.

1 2 3 4 5