SAP GRC Audit Universe - SAP GRC

What is SAP GRC Audit Universe?

Audit Universe contains audit entities which can be classified as business units, lines of professional or branches. Audit entities state the audit planning approach and these can be linked to Process Control and Risk Management to find risks, controls, etc.

Create an Auditable Entity

Let us now understand how to create an auditable entity.

Step 1 − Go to /nab option at the top to open Work Centers


Step 2 − In SAP Net Weaver Business Client, go to IAM Work Center.


Step 3 − Navigate to Internal Audit Management → Audit Universe

Step 4 − Click on Create button and go to General tab.

Step 5 − Enter the behind information for auditable entity −

  • Name
  • Description
  • Type
  • Status
  • Notes to add any additional information

Step 6 − Go to Audit Plan tab to view audit proposals and audit plan proposals with the transfer date.

Step 7 − Select the attachments and links tab to add any type of files or links.

Step 8 − When you enter the essential details, you can choice from the following options −

  • Select Save to save the entity.
  • Select Close to exit without saving.

SAP Process Control — Audit Risk Rating

Audit Risk rating is used to explain the criteria for an organization to find risk rating and launch ranking for risk rating. Each auditable entity is rated as per organization opinion in ARR. You can use ARR to perform the following functions −

  • You can find the set of auditable entities and risk factors.
  • Define and evaluate risk scores for risk factor in each auditable entity.
  • As per risk score, you can rate the auditable entity.
  • You can also generate an audit plan from ARR by comparing risk scores for different auditable entities. In addition to this, you can select the high risk score auditable entities and generate audit proposal and audit plan proposal.

Create an Audit Risk Rating

Let us now recognize the steps to create an Audit Risk Rating

Step 1 − In SAP Net Weaver Business Client, go to IAM Work Center.

Step 2 − Navigate to Internal Audit Management → Audit Risk Rating → Create

Step 3 − In General tab, enter the following specifics −

  • Name
  • Description
  • Valid from
  • Valid to
  • Responsible person
  • Status

Step 4 − Go to Auditable Entities and click Add button to choose from auditable entities

Step 5 − Go to Risk Factor tab, and select ARR risk factor. Select Add to add a risk factor → OK.

Step 6 − Go to Risk Scores tab, choice entity and input risk totals on risk factor table.

Click Calculate button to view average total. Go to Risk level and risk import column to enter the information.

Go to Audit Plan Proposal tab, to confirm that you are constructing an audit design application. Choice transfer to create an excel spreadsheet to accepting information in table form for your ARR.
Choice Save button to save audit risk rating for auditable object.

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd Protection Status

SAP GRC Topics