The new version of zap Audit is currently in the beta phase and we have invested a great deal of time in preparing this new release, listened carefully to the conversations we have had with our customers and implemented some of the requests we have received from you. Of course, this has all been done to make it easier and more efficient for you, our customers, to work with zap Audit, for example, by further reducing false positives, or giving you the option to filter results by document type, account, customer, vendor, and much more. In this blog post, we will first discuss the new features in the area of indicators, before introducing the other new features step-by-step in forthcoming posts.
For many, if not all of you, December 31st was the balance sheet date for the past fiscal year. Many departments / heads of department seize the opportunity to fully use up any budget that they may have managed to save at the end of the year. This phenomenon to completely use up funds which have been allocated but not yet spent at the end of the year is sometimes also known as "December fever". Of course, we do not want to imply any bad intentions, but some of us may even have taken the opportunity in order to be able to demand at least the same, if not even more budget next year. Reason enough for us to take a look at the volume and the amount of orders compared to the rest of the year.
The past year is a thing of the past and according to a survey conducted by Adobe, 51 percent of Germans intended to order all their gifts online. A majority of respondents cited low prices as the main reason for this mania for online shopping . But what about the orders your company places? Are they always determined by seeking economic benefits, or are they standardized processes? In this blog post, we will show you which analyses you can use to find answers to these questions.
Duplicate payments are always a hot topic. Due to poor organization, invoices being paid twice is something that happens over and over again. Even in well-defined organizations, duplicate payments occur again and again when the volume of transactions is high. In this blog post, I will explain some advanced methods for detecting duplicate payments in SAP. This is where the Data Scientist really comes into his/her own. It also explains for how long you can still claim duplicate payments back from vendors. That by contrast is something for people who have a liking for the more legal side of things.
Master data controls all business processes. If master data is not maintained correctly, errors are "passed on" to business transactions and something is pretty much guaranteed to go wrong as a result. Similar problems arise if master data in SAP is not unique because duplicate entries exist. This blog post explains what the specific problems relating to master data duplicates are and how they arise in a business environment. As is befitting for any decent SAP Audit Blog post, it will of course also reveal how to locate master data duplicates for vendors and debtors in SAP, and then clean up them properly.
Over the past few weeks, we have looked at weak password hashes in SAP in quite some detail. Having previously already presented a conceivable scenario for exploiting such a vulnerability, as well as a guide to hacking weak password hashes and the measures to be taken to protect against it, in this blog post, we will be showing you how to use data analyses to detect potential fraud.
Of course, we don't want to leave you out in the cold after the scenario we described last week and the kind of heavy financial losses that can be occurred as a result. For this reason, in this blog post, we will describe how the SAP ICS can be used to take preventive action, or even better to ensure that weak password hashes do not occur in the first place.
...you will get burned. That is pretty much how you could sum up the lesson to be drawn from the scenario we are going to describe below. If you are aware of the risk of using weak password hashes and do nothing, you shouldn’t be surprised by the damage that can result. The following story illustrates just how quickly things can unfold.
In some areas of process standardization, compliance and correctness or access restrictions, it is sometimes quite difficult, if not impossible, to assign them to one of the classic processes of purchasing, sales or fixed assets. However, this does not mean that audit questions such as superuser activities, separation of duty conflicts or weekend bookings are any less critical.