Implementation Audit and Control

Background

Internal Audit Role

Go-Live Criteria

Audit Approach - Systems

Audit Approach - People

Summary

Agenda

Anheuser-Busch Companies, IncAnheuser-Busch Companies, Inc

                                      

7 Business Units

2 Legacy Systems

70 Payroll Areas

Employees:

- 8,000 Salaried Employees

- 21,000 Hourly Employees

Payroll Structure

Project Scope:Project Scope:

All Domestic U.S. Business Units (big bang

approach)

Legacy Payroll and Time Entry Replaced

Personnel Data Converted from Legacy

Systems

Centralized Processing

Payroll Project

A Big Project!A Big Project!

Pre-Work:Pre-Work:Understand Changes to Payroll Process

Learn SAP Payroll Concepts

Train Audit Staff

Determine Audit Plan

Provide Consulting on Proposed Control

Environment

Establish a Working Relationship with Project

Management

Internal Audit Role

Audit Plan:Audit Plan:

Test Project Go-Live Criteria

Evaluate Project Management

Determine Impact for Future Audits of Business

Units

Internal Audit Role

Plan It! Plan It!

Go-Live Criteria

System RelatedSystem Related

1. System Reliability

2. Testing Completed Successfully

People RelatedPeople Related

1. Businesses Ready to Support New Process

2. Payroll Group Staffed and Trained

3. Communication to Employees Adequate

System RelatedSystem Related People RelatedPeople Related

- Configuration - User Access

- Interfaces - Procedures

- Processing - Training

- Data - Communication

- Security

Go-Live Testing Areas

Remember the Remember the People! People!

SAP Payroll Configured to fit Organizational StructureSAP Payroll Configured to fit Organizational Structure Enterprise Structure

Location Department

Personnel Structure

Status Type

System - Configuration

A-BC Financial AdministrationA-BC Financial Administration

Corporate Audit

Corporate Audit

ActiveSalaryActiveSalary

Regular ExemptNon-Union

Regular ExemptNon-Union

Info-typesInfo-types

Allow Retroactive Accounting

Delimitation for Audit Trail

Data Entry Controls (Features, Actions, Screen

Controls)

System - Configuration

Infotype Controls = Infotype Controls = Data Accuracy Data Accuracy

Wage TypesWage Types

Characteristics are Adequate

Valid and Specific

Map to Correct G/L Accounts

System - Configuration

SAP On-Line SAP On-Line Documentation Documentation

Michael Jeanmougin

All interfaces have been identified and included All interfaces have been identified and included in the Design and Test Plansin the Design and Test Plans

Interface Errors should be Identified and Corrected

System - Interfaces

GIGO GIGO

SAPPayroll

SAPPayroll

TimeSystem

TimeSystem

Banks &Benefit

Providers

Banks &Benefit

Providers

Understand Process FlowUnderstand Process Flow

System - Processes

HR Master Data

HR Master Data

TimeReporting

TimeReporting

Regular Payroll Processing

Regular Payroll Processing

PayrollAccounting

PayrollAccounting

Check Printing &

Distribution

Check Printing &

Distribution

3rd PartyRemittances

3rd PartyRemittances

Off-CycleProcessing

Off-CycleProcessing

Maintain Data Integrity During ConversionMaintain Data Integrity During Conversion

Master Data

Data Already in SAP HR Module

Data to be Converted via New Info-

types

YTD Earnings and Deductions

Mid-Year Conversions

System - Data

Know Where the Data Resides Know Where the Data Resides

Supports Job Responsibilities and Safeguards DataSupports Job Responsibilities and Safeguards Data

System - Security

HR/Payroll SecurityData Focused

Limited Authorization Object

Permissions: M – Maintain; R - Read

Core SecurityTransaction Focused

Many Authorization Objects

Permissions: 01 – Create, 02 – Change, 03 - Display

Lock and Lock and LimitLimit!!

Procedures Around Payroll Processing are as Procedures Around Payroll Processing are as Critical as Controls in the SystemCritical as Controls in the System

Payroll and HR Personnel

Business Unit Personnel

System Support Personnel

People - Procedures

Procedures Defined Procedures Defined and In Place! and In Place!

People - Training

Training is a Key Component of Project SuccessTraining is a Key Component of Project Success

Inclusion in Development Project

Knowledge Transfer from Consultants

Methods:

Testing as Training

Classroom

Computer-Based

Communication Needs to be Timely and CompleteCommunication Needs to be Timely and Complete

Multiple Types of Media

Legal and Corporate Review

Hotline

People - Communications

No No Surprises! Surprises!

Employees only need Access to Perform their Employees only need Access to Perform their Job ResponsibilitiesJob Responsibilities

Everyone has access who needs access

Segregation of Duties Conflicts identified

Restricted Number of Employees designated for

Support

People – User Access

Keep the Keep the Data Safe! Data Safe!

Controls Identified for Go-Live DecisionControls Identified for Go-Live Decision

Key Controls

System Reliability – Process Payroll Within

Required

Time Windows

Testing Completed Successfully. Significant

Test

Problems Resolved and Re-tested.

Business Ready To Support New Process.

Payroll Group Staffed and Trained.

Communication to Employees Adequate or

Planned.

SummaryUnderstand How Key Processes Will Change.

Train Audit Staff.

Perform Audit:

Identify and Test Key Control Areas.

Review Configuration

Focus on items outside of SAP (training,

communication).

Continuously Communicate with Project and Audit

Teams.

Please remember to complete and returnPlease remember to complete and return your evaluation form following this session. your evaluation form following this session. Session Code: 507

Marc.Swanson@Anheuser-Busch.com314-577-4788

Michael.Jeanmougin@Anheuser-Busch.com

314-577-2008

Thank you for attending!Thank you for attending!