CobiT and the Sarbanes-Oxley Act: The SOX Guide for SAP Operations

CobiT and the Sarbanes-Oxley Act: The SOX Guide for SAP Operations

Other Format

$34.95

Product Details

ISBN-13: 9781592291281
Publisher: Rheinwerk Publishing, Inc.
Publication date: 02/28/2007
Pages: 196
Product dimensions: 41.34(w) x 6.30(h) x (d)

About the Author

Sabine Schöler, SAP employee since 1993, was project leader in several complex SAP implementation and development projects. Today she uses this experience in the department of Service Solution Management for coordination and further development of the SAP service portfolio and the methodologies for SAP solution operations. Since 2006 she is responsible for the ramp-up of several SAP products.

Liane Will has been working in the Active Global Support department at SAP AG since 1998. She gained her experience in the system operation of SAP solutions by supporting customers in solving problems and establishing best practices in system operation. She manages a team that focuses on the implementation and optimization of the application lifecycle management based on SAP Solution Manager. Based on her extensive support experience, she’s already the author of a number of books (published by SAP PRESS) on best practices in system administration. Before she joined SAP, Liane developed SAP support tools for databases.

Marc Oliver Schäfer studied English and German Literatures and Languages at the University of Tübingen and worked with DaimlerChrysler as a language and intercultural trainer for two years. He joined SAP in 2000 as a product manager for the Customizing Tools development team. In 2005, Marc became part of the Service Solution Management organization as a senior product manager where his responsibilities lie with compliance, Change Request Management and Service Desk topics in SAP Solution Manager. He can be reached at marc.oliver.schaefer@sap.com.

Table of Contents

Foreword ... 9
Acknowledgements ... 111. Introduction ... 13
... 1.1 Overview of CobiT ... 13
... 1.2 COSO ... 18
... 1.3 Overview of the Sarbanes-Oxley Act ... 19
... 1.4 Connection Between CobiT and Other Standards of Best Practices ... 23
... 1.5 SAP IT Service & Application Management ... 252. Central SAP Tools ... 29
... 2.1 SAP Solutions for Governance, Risk, and Compliance ... 29
... 2.2 SAP Solution Manager: The SAP Platform for Application Management and Cooperation ... 353. CobiT Domain: Plan and Organize ... 41
... 3.1 PO1: Defining a Strategic IT Plan ... 42
... 3.2 PO2: Defining the Information Architecture ... 45
... 3.3 PO3: Determining the Technological Direction ... 52
... 3.4 PO4: Defining the IT Processes, Organization, and Relationships ... 53
... 3.5 PO5: Managing the IT Investment ... 61
... 3.6 PO6: Communicating Management Aims and Direction ... 62
... 3.7 PO7: Managing IT Human Resources ... 64
... 3.8 PO8: Managing Quality ... 68
... 3.9 PO9: Assessing and Managing IT Risks ... 71
... 3.10 PO10: Managing Projects ... 754. CobiT Domain: Acquire and Implement ... 79
... 4.1 AI1: Identifying Automated Solutions ... 80
... 4.2 AI2: Acquiring and Maintaining Application Software ... 83
... 4.3 AI3: Acquiring and Maintaining Technology Infrastructure ... 90
... 4.4 AI4: Enabling Operation and Use ... 97
... 4.5 AI5: Procuring IT Resources ... 101
... 4.6 AI6: Managing Changes ... 102
... 4.7 AI7: Installing and Accrediting Solutions and Changes ... 1045. CobiT Domain: Deliver and Support ... 109
... 5.1 DS1: Defining and Managing Service Levels ... 111
... 5.2 DS2: Managing Third-Party Services ... 118
... 5.3 DS3: Managing Performance and Capacity ... 123
... 5.4 DS4: Ensuring Continuous Operation ... 125
... 5.5 DS5: Ensuring Systems Security ... 127
... 5.6 DS6: Identifying and Allocating Costs ... 135
... 5.7 DS7: Educating and Training Users ... 136
... 5.8 DS8: Managing the Service Desk and Incidents ... 138
... 5.9 DS9: Managing the Configuration ... 141
... 5.10 DS10: Managing Problems ... 143
... 5.11 DS11: Managing Data ... 146
... 5.12 DS12: Managing the Physical Environment ... 149
... 5.13 DS13: Managing Operations ... 1506. CobiT Domain: Monitor and Evaluate ... 155
... 6.1 ME1: Monitoring and Evaluating IT Performance ... 156
... 6.2 ME2: Monitoring and Evaluating Internal Controls ... 159
... 6.3 ME3: Ensuring Compliance with Specifications ... 163
... 6.4 ME4: Ensuring IT Governance ... 1647. Relevance of CobiT and COSO for Fulfilling SOX ... 1678. Outlook ... 175A. CobiT Controls ... 179B. Literature ...191
Index ... 193

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews