Concept of ERP Audit
Evaluating access control: Many factors need to be reviewed during an ERP audit to ensure security and privacy in an ERP system. However, the most crucial among these is maintaining the access controls and configurations, as these are widespread and can have a significant impact. These are constantly subject to change; therefore, maintaining them is a challenge. In this context, it is necessary to carry out the audit of all aspects of an ERP comprehensively at a post-implementation review. Subsequently, the review of access controls and configurations should be carried out regularly, at least once in six months. The ideal situation would be to move this kind of audit to a highly automated process using tools to perform a continuous monitoring audit.