Segregation of duties in the purchase process

Posted by Prof. Dr. Nick Gehrke on Nov 2, 2016 4:00:00 PM

Part VIII of the series: “Digitization of auditing SAP purchasing processes”

Today’s blog post introduces the possibility to detect process shortcomings in the area of segregation of duties.

  1. Digitization of auditing SAP purchase processes
  2. How process auditing is transformed through digitization
  3. Automated auditing of SAP master data
  4. Auditing of purchase orders and goods received
  5. Invoice auditing in SAP
  6. Just pay it twice: auditing payments in SAP
  7. The search for exotic processes
  8. Segregation of Duties in the SAP purchase process
  9. SAP data structure for the purchase to payables process
  10. The end of digitization - professional judgement in procurement

 

Before you proceed reading on the details of the indicators, I would recommend to read the concept of indicators in part 3 of the series first.

Auditing true SOD conflicts-1.png

 

SAP segregation of duties in the purchase process

Segregation of duties in SAP means that certain combinations of tasks should not be conducted by one and the same person, as those are critical task combinations. There are various tools on the market which allow for the evaluation of conflicts that arise during segregation of duties in SAP. Thereby licenses are usually evaluated in order to determine which user should perform which transactions. This determines whether a user could perform a critical combination of transactions.

Particularly interesting is whether a user has actually performed such a critical combination within the same process. In such a case, the segregation of duties have taken place during a business transaction with regard to the critical task combination. Most analysis tools do not offer this kind of analysis, because it requires identifying the end-to-end process first. The Financial Process Algorithm however fulfils this requirement, making it possible to conduct a true segregation of duties analysis.

 

 

TOP SoD conflicts in the purchasing process

The segregation of duties analysis is an indicator in the purchasing process. Altogether I have designed and implemented 45 indicators for the purchase process. You can download the details about all purchase indicators here.

 

Download

 

The following segregation of duties conflicts can therefore be detected:

  • Create fictitious vendor and initiate payment to the vendor
  • Maintain a fictitious vendor and direct disbursements to it
  • Create fictitious vendor invoice and initiate payment for it
  • Procure unauthorized items and initiate payment by invoicing
  • Procure unauthorized items and hide by not fully receiving the order
  • Procure unauthorized items and enact payment for them
  • Maintain a fictitious vendor and initiate purchase order to the vendor
  • Receive services and release blocked invoice to offset receipt
  • Maintain PO and release a previously blocked Invoice

 

Free trial

You want to try out the unique zap Audit SoD analysis, or different indicators for free? Just register here:

  zap Audit Pro     trial  

 

Topics: Purchase, SAP, Audit, Segregation Of Duties, SoD

Blog Commentary