Contents

 Risk & Challenges in an ERP system

 History of Financial Frauds

 About AGC Infotech

 Our ERP Risk Advisory Services

 Our Value Chain Approach

 Benefits to your organization

 Our Team & Credentials

 Annexure

For Discussion Purposes Only 2

Risk & Challenges in an ERP system

For Discussion Purposes Only 3

Risk & Challenges in an ERP System

Corporations across the world are highly concerned about the security of their Enterprise
Resource Planning (ERP) systems such as SAP, from threats like fraud, intrusion, etc that affects
the integrity of their business. They require their policies and procedures to be tightened and
system to be secured.

There are some challenges that these corporations faces in their day to day business:
I don‟t know
We should have
how the Auditor declared
considered SoD
vendor got system controls to How do I
while granting
paid twice? be ineffective design business
access
controls in my
ERP?
ERP team is Does my ERP system
spending lot of has sufficient
unproductive password and user Our ERP
time on access security implementation
Is my system
maintenance controls team never
prone to
access gave us the
intrusions? controls

What is the
Solution???

For Discussion Purposes Only 4

History of Financial Frauds

For Discussion Purposes Only 5

History of Financial Frauds

Year Company Audit Firm Type of Fraud

Failure to disclose Repo

2010 Lehman Brothers Ernst & Young
105 transactions to investors

Satyam Computer
2009 PWC Falsified accounts
Services

Accounting of structured financial

2004 AIG PWC
deals

2002 WorldCom Arthur Andersen Overstated cash flows

2002 Kmart PWC Misleading accounting practices

2001 Enron Arthur Andersen Corporate fraud and corruption

2000 Xerox KPMG Falsifying financial results

Source: www. wikipedia.org

For Discussion Purposes Only 6

India’s Fraud Survey 2010

Source: KPMG
For Discussion Purposes Only 7
2009 CSI Computer Crime Survey

Per the 2009 CSI Computer Crime and Security Survey, “…change of greatest concern is that
financial fraud increased from only 12 percent of respondents to 19.5 percent of respondents. This
is reason for concern because financial fraud consistently causes victim organizations huge
losses—almost $450,000 per victim organization this year…”

For Discussion Purposes Only 8

About AGC Infotech

For Discussion Purposes Only 9

About AGC Infotech

Our Company profile

We would like to introduce our self as a leading SAP and HR service provider offering a wide
suite of specialist services to our clients ranging from specialist staffing, risk advisory, corporate
training, consulting to outsourcing.
AGC INFOTECH offers a wide range of professional SAP risk advisory, consulting, development
and training propositions at reasonable costs. We provide value added service to our clients in
the most cost-effective manner.

Our Services
 SAP Risk Advisory
 SAP Consulting and project support
 Corporate training
 Manpower solutions
 Outsourcing

Benefits of Working with Us:

 Services similar to the Big4 audit firms, but at a price that fits your budget
 Team from Big4 background bringing best practices
 High quality deliverables and reports
 Committed team available locally for year-round support
For Discussion Purposes Only 10
Our ERP Risk Advisory Services

For Discussion Purposes Only 11

 Our ERP Risk Advisory Services
Before Go-live
 Business Blueprint Review
 Identify and suggest controls as
part of BBP
 Benchmark TO-BE process to
Leading practices
 Pre Go-Live Readiness
Assessment
 A quick check of the status of
critical master data,
organizational elements,
configurable controls, process
integrations, system and user
security before Go-Live
 Verify if suggested controls are
designed and implemented
After Go-Live
 Quick Scan Review
 A quick check to identify and
fix „High Risk‟ issues
 SAP Business Controls
Review
 A detailed review of key
business processes having
financial implication
 SAP Security Controls
Review
 A detailed review of Basis
security, access to critical
transactions and Segregation
of duties
 Audit Work Program
Documentation
 Preparation of detailed work
program that will enable the
Internal Audit team to conduct
rigorous audit of the SAP system
Corporate Training
 SAP Core team training
 Preparing the SAP Core team
for supporting the SAP ECC
system
 SAP End-user training
 Preparing the SAP End-user
team for working on the SAP
ECC system
 Auditing an ERP system
training
 Preparing the Internal audit
team for sustainable audit of
the SAP ECC system
 Fundamentals of ERP system
training
 Preparing the organization for
an upcoming implementation
of the SAP ECC system
For Discussion Purposes Only 12
Our Value Chain Approach

For Discussion Purposes Only 13

Our Value Chain Approach

Understand
business
process

Train Identify
Internal potential
Audit team risks

Basis Security &

Financial
User Accounting
Administration

Report
Develop
gaps & Sales & Materials control
suggest Distribution Management
framework
solutions

Conduct Document
test of audit
controls program

For Discussion Purposes Only 14

Benefits to your Organization

For Discussion Purposes Only 15

 Benefits to your organization

Few of the benefits that your organization will derive from your SAP system, after our services:

Secured ERP Secured and robust SAP environment from both internal and
system external threats such as unauthorized usage, fraud, intrusion, etc

Maximizing
Leveraging the available automated controls using the existing SAP
configurable
configuration and reducing the manual efforts
controls

Compliance Controls ready SAP system to meet any existing or upcoming

support statutory compliance requirement

Leading Benchmarking your SAP system to the leading industry control

practices practices to optimize your ROI

Preparing the management / Internal audit team to conduct

Sustainability repeatable and sustainable audit of SAP system using the step-by-
step defined audit program documentation

For Discussion Purposes Only 16

Our Team & Credentials

For Discussion Purposes Only 17

Team Profile

We have a team of dedicated and highly qualified SAP professionals who have
worked on ERP and IT Risk Advisory projects across 8 countries, including US and UK.

Our team comprises of Certified SAP professionals, CA, MBA and Engineers with
extensive experience in rendering SAP advisory services.

Along with SAP ECC system, our team has hand-on experiences working on tools
such as SAP GRC Access Controls and Approva Bizright Access Controls.

Our Service capabilities:

 SAP Business Process Controls Audit

 SAP Security and Segregation of Duties Controls Audit
 ERP Audit Project Management
 Sarbanes Oxley (SOX) Compliance Assistance
 ERP Product and Vendor Selection
 ERP Audit Tools Development
 ERP Trainings
For Discussion Purposes Only 18
Team Credentials

Industry Clients

Diversified Business Essar Group, India

Beverages Diageo Plc, UK; Dr Pepper Snapple Group Inc., USA

Chartis („AIG‟) UAE, Hong Kong, Malaysia, Indonesia, Thailand, Philippines,

Insurance
Vietnam, Taiwan

VOLT Information Sciences Inc., USA; Covansys Corp. Inc., USA; Infosys
IT Services
Technologies, India

Energy Centrica Plc, UK; Enercon India Ltd; ONGC Ltd., India

FMCG and Consumer Goods ITC Ltd, India Philips India Ltd.

Retail Pantaloon Retail India Ltd.; Welspun India Ltd.

Engineering and Electrical

Larsen & Toubro Ltd., India; Havell‟s India Ltd.; Bharat Bijlee Ltd., India
Equipment

Telecommunication VSNL Ltd., India

Pharmaceutical Duane Reade Inc, USA; Glenmark Pharmaceutical Ltd., India

Metals and Minerals ISPAT Industries Ltd., India; BALCO Ltd., India

For Discussion Purposes Only 19

Annexure

For Discussion Purposes Only 20

Sample Deliverables - Dashboard

For Discussion Purposes Only 21

Sample Deliverables - Deliverables

For Discussion Purposes Only 22

Sample Deliverables - Report

For Discussion Purposes Only 23

End of Presentation. Thanks.
For enquires and more please contact:

Manish Chauhan Gourav Ladha

Director, AGC Infotech Director, ERP Risk Advisory

Mobile #: +91-909-998-796-6 Mobile #: +91-971-295-295-5

Office #: +91-79-40044661/62/64/65 Office #: +91-79-40044661/62/64/65

Website: www.agcinfotech.co.in Website: www.agcinfotech.co.in

Email: manish@agcinfotech.co.in Email: gourav@agcinfotech.co.in

For Discussion Purposes Only 24