© 2021 RSM US LLP. All rights reserved.
SAP Risk Advisory Capabilities
Helping you maximize your ERP investment and mitigate risks.
No matter where you are in your SAP life cycle, RSM’s experienced professionals can help you manage your organization’s security and controls risk.
The SAP risk advisory professionals at RSM have extensive SAP security and controls knowledge, in addition to functional experience with multiple SAP versions in multiple industries. Many of our team members have held roles on SAP implementations or operational roles in the public sector, so we truly understand your needs.
RSM is a member of the SAP PartnerEdge open ecosystem, and our SAP team members have:
- Performed both internal and external ERP IT controls audits. This experience means we can anticipate the needs of your external auditor, making it easier to assist your internal audit function. We can also more easily assist our financial auditors in performing an efficient external ERP IT controls audit
- Performed controls design and controls assessments for multiple types of regulated environments and/or controls frameworks such as SOX, FDA, ISO, PCI, NIST and COSO/COBIT
- Working knowledge of SAPs ASAP methodology to help you navigate risk during your ERP implementation
- Performed security role designs or role re-designs, remediating segregation of duties conflicts or restricted access issues
- Worked with business process owners in designing SAP automated application controls during implementations
- Experience working with multiple SAP GRC tools such as SAP GRC, Approva and others―meaning we can help you with tool selection and/or rule development
Years of SAP experience enables us to quickly understand your needs and assist you with a realistic approach to remediate issues.
How can we help you?
Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.
CYBERSECURITY RAPID ASSESSMENT®
Complete our Cybersecurity Rapid Assessment form to be contacted about receiving our "quick-hit" evaluation of your organization’s overall security risk.