Presentation is loading. Please wait.

Presentation is loading. Please wait.

Evolution of the Siemens Experience in its Effort to Test IT Controls on a Continuous Basis Rolf Haardörfer IT Audit Professional Siemens Corporation Tenth.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Evolution of the Siemens Experience in its Effort to Test IT Controls on a Continuous Basis Rolf Haardörfer IT Audit Professional Siemens Corporation Tenth."— Presentation transcript:

1 Evolution of the Siemens Experience in its Effort to Test IT Controls on a Continuous Basis Rolf Haardörfer IT Audit Professional Siemens Corporation Tenth Continuous Auditing & Reporting Symposium Meeting 11/4/2005

2 Agenda  Overview of Siemens  Benefits of Continuous Auditing  Overview of Siemens SAP Audit Plan  CA at Siemens – Current Activities  CA at Siemens – Planned Activities  Outlook and Next Steps  Questions and Discussion Operational Audit

3 Overview of Siemens  About 430,000 employees worldwide (70,000 thereof in the United States)  Sales of EUR 75 billion in 2004  Siemens has a large audit department executing financial and operational audits throughout the company  Siemens has selected SAP as their standard ERP system  IT Audit Pool conducts all system related audits for the majority of Operating Companies here in the US including a SAP Certification Audit Operational Audit

4 Benefits of CA at Siemens  Simplification of execution of SAP audits  Continuous monitoring of the compliance level of mandatory System Parameter settings.  Improved Governance (Fraud Detection, SOX Compliance, Monitoring, etc.)  Move toward real-time reporting for management and for the investment community.  Improve the skill level and quality of work life of auditing personnel.  Reduces compliance and assurance costs (labor, travel, outside assurance, etc.) Operational Audit

5 Value Proposition COST: Consider a large multinational corporation with 400 auditors (internal & external), each with a fully absorbed (sal./fee, benefits, travel, etc.) $200,000/yr cost for a total annual compliance cost of $80 million dollars. Assume further that the proposed continuous auditing model cost $1 million dollars to develop and implement and only reduced manual compliance effort by 25% in the firm. The annual net estimated savings or cost avoidance of this project for the firm defined above would be: $19 Million dollars (Or nearly $100 million dollars over 5 years)! Operational Audit

6 Overview of Siemens SAP Audit Plan  Typical SAP audit takes about 75 person days covering SAP modules FI, FI-AA, BA, Computer Outsourcing, SD and MM  Overall about 200 audit action sheets (AAS)  Audit Action plan (AAS) was developed in cooperation with KPMG  About 25 percent can be automated without additional formalization or re-engineering of the controls Operational Audit

7 SAP Audit Action Sheet Part 1 Operational Audit

8 SAP Audit Action Sheet Part 2 Operational Audit Pseudo code developed from Rutgers CAR-Lab to automate Audit sheet

9 Two Types of Audit Systems  ACL  Approva BizRights  Virsa  Oversight  E-Audit (Siemens)  Rutgers CAR-Lab SAP model Independent System (Monitoring and Controlling Layer) Embedded Audit System  SAP Audit Information System Operational Audit

10  Utilization of Approva BizRights for monitoring of Segregation of Duties (2 major Div.)  Purchase to Pay Process using ACL’s Direct Link and CCM CA model on 3 large SAP systems  Introduced at the beginning of 2005  Significant payoff right away (duplicate invoice payments, etc.)  Providing real procurement cycle data to Rutgers CAR-Lab for statistical modeling to identify possible anomalies. Operational Audit CA at Siemens – Current Activities

11  Utilization of GL module from Approva BizRights  Introduced in October 2005 for Monitoring of Month End Closing, to be completed in mid 2006 for the GL Module.  Payoff –(Helping with Month End Closing, Ensuring transactions are complete with proper authorizations)  Implementation of travel and expense (T&E) module from ACL  Planned introduction by the end of 2005  Expected benefits – Reduce Fraud (T&E is one the most prevalent areas for fraud). Operational Audit CA at Siemens – Current Activities

12 Preventative / configurable controls strategy: Utilize research from Rutgers CAR-Lab to re-engineer our SAP audit plan to make it more formalizable / automatable. Support and promote the use and enhancement of CA tools (Siemens & Third party) at Siemens Operating & Regional Companies. Demo and provide feedback to Siemens companies on emerging CA tools and technology. Operational Audit CA at Siemens - Planned Activities

13 Utilization of SAP AIS module for execution of SAP audits Allows business to run reports themselves as needed (e.g. Top 10 Security Issues) IT Audit Pool has customized AIS to include automatable audit sheets as predefined reports Estimated reduction of SAP audit time of about 25% Operational Audit CA at Siemens - Planned Activities

14 Outlook and Next Steps  Further leverage Rutgers CAR-Lab research in cooperation with External Auditors to Expand CA scope at Siemens.  Utilization of SAP AIS module at more Operating Companies as standard tool.  Audit Pool will work with Operating Companies to identify and promote existing solutions as best practices.  Audit Pool plans on piloting CA software solutions as a part of a regular SAP audits. Operational Audit

15 Questions? Thank You! Rolf Haardörfer Siemens Corporation IT Audit Pool

Download ppt "Evolution of the Siemens Experience in its Effort to Test IT Controls on a Continuous Basis Rolf Haardörfer IT Audit Professional Siemens Corporation Tenth."

Similar presentations

CFO – MANUFACTURING SECTOR

CFO – MANUFACTURING SECTOR
Improving SOX Remediation Through Automated Testing of Internal Controls November 4, 2005.

Improving SOX Remediation Through Automated Testing of Internal Controls November 4, 2005.
Automação de Auditoría Ryan Teeter, Ph.D. Student, Rutgers University 18 th World Continuous Auditing Symposium 6 th CONTECSI São Paulo, Brasil – June.

Automação de Auditoría Ryan Teeter, Ph.D. Student, Rutgers University 18 th World Continuous Auditing Symposium 6 th CONTECSI São Paulo, Brasil – June.
Understanding Commercial Card and the use of Controls Louisiana GFOA Fall Conference October 9, 2014 Rhonda C. Engel, SVP Commercial Card Sales Manager.

Understanding Commercial Card and the use of Controls Louisiana GFOA Fall Conference October 9, 2014 Rhonda C. Engel, SVP Commercial Card Sales Manager.
Technology Applications in the Age of Integrity Integrity Forum 2006 Tony Murphy Vice President, Worldwide Sales ACL Services Ltd.

Technology Applications in the Age of Integrity Integrity Forum 2006 Tony Murphy Vice President, Worldwide Sales ACL Services Ltd.
MyFloridaMarketPlace: Project Overview MyFloridaMarketPlace.

MyFloridaMarketPlace: Project Overview MyFloridaMarketPlace.
Travel and Expense Management Scenario Overview

Travel and Expense Management Scenario Overview
Experience, Technology and Focus in Mid Market CRM Soffront Asset management: An Overview.

Experience, Technology and Focus in Mid Market CRM Soffront Asset management: An Overview.
Practical Issues of Implementing Continuous Assurance Systems Presented by John Verver CA, CISA, CMC to the 5 th Continuous Assurance Symposium November.

Practical Issues of Implementing Continuous Assurance Systems Presented by John Verver CA, CISA, CMC to the 5 th Continuous Assurance Symposium November.
Implementing Continuous Auditing in a Global Real Time Economy Miklos A. Vasarhelyi KPMG Professor of AIS Rutgers University Technology Consultant AT&T.

Implementing Continuous Auditing in a Global Real Time Economy Miklos A. Vasarhelyi KPMG Professor of AIS Rutgers University Technology Consultant AT&T.
The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.

The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.
1 SAP Security and Controls Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations.

1 SAP Security and Controls Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations.
The Acceptance and Adoption of Continuous Auditing by Internal Auditors: A Micro Analysis Miklos A. Vasarhelyi Micheal Alles Siripan Kuenkaikaew James.

The Acceptance and Adoption of Continuous Auditing by Internal Auditors: A Micro Analysis Miklos A. Vasarhelyi Micheal Alles Siripan Kuenkaikaew James.
SE 464: Industrial Information systems Systems Engineering Department Industrial Information System LAB 02: Introduction to SAP.

SE 464: Industrial Information systems Systems Engineering Department Industrial Information System LAB 02: Introduction to SAP.
1 Continuous Monitoring of Business Process Controls: A Pilot Implementation of a Continuous Auditing System at Michael G. Alles Gerard Brennan Alexander.

1 Continuous Monitoring of Business Process Controls: A Pilot Implementation of a Continuous Auditing System at Michael G. Alles Gerard Brennan Alexander.
Introduction to SAP R/3.

Introduction to SAP R/3.
Continuous Auditing Applications for SAP/R3 Vincent Rykes City of Edmonton.

Continuous Auditing Applications for SAP/R3 Vincent Rykes City of Edmonton.
University of Southern California Enterprise Wide Information Systems The Procurement Process Instructor: Richard W. Vawter.

University of Southern California Enterprise Wide Information Systems The Procurement Process Instructor: Richard W. Vawter.
© 2007. Siemens Product Lifecycle Management Software Inc. All rights reserved Siemens PLM Software A protocol for continuous monitoring and assurance.

© Siemens Product Lifecycle Management Software Inc. All rights reserved Siemens PLM Software A protocol for continuous monitoring and assurance.
Audit Automation as the Foundation of Continuous Auditing Michael Alles Alexander Kogan Miklos A. Vasarhelyi J. Donald Warren, Jr.

Audit Automation as the Foundation of Continuous Auditing Michael Alles Alexander Kogan Miklos A. Vasarhelyi J. Donald Warren, Jr.

Similar presentations

Ads by Google