Posted on 2022-09-09

Manager, Information Risk Management, IT Audit – SAP


The IT Audit Manager SAP, will deliver independent, objective audit, assurance, and advisory services with a focus on SAP system supported processes, security, and controls to support financial reporting requirements.

This position will be responsible for planning, performing, and reporting audit activities related to SAP Audits including implementation reviews, audit support, testing the design and implementation, and operating effectiveness of controls.



  • Lead a variety of audit activities including SAP risk support, data extraction, information reporting, process monitoring, integration with GRC, and reviewing and consulting on SAP Upgrades.
  • Develop and monitor audit project plans to document and test controls and processes associated with the client’s SAP environment and functionality
  • Advise clients on control considerations and observations during system implementations and post audit recommendations.
  • Follow best practices for obtaining SAP documentation and analytics as well as providing strong technical knowledge of the system and configurations
  • Provide the technical understanding of SAP configurations as it relates to the design, development, and testing of automated controls
  • Provide design assistance and testing on identity access management tool implementation
  • Execute audit testing and reporting over SAP IT general controls and dependencies
  • Perform walkthroughs to understand and document findings as well as IT related dependencies
  • Continuously improve audit approaches, tools, methodology and productivity
  •  Effectively communicate audit procedures and expectations to team members and stakeholders in a timely and clear fashion
  • Plan and execute the day-to-day activities of IT audit engagements in general and as it relates to SAP
  • Complete task and deliverables to a high quality standard– working to an agreed plan, budge and quality
  • Keep senior IRM members informed of significant developments and progress on the engagement 
  • Coach junior staff on engagements and provide proper feedback
  • Assist with scoping, financial management, delivery risk management and the initial review of deliverables
  • Help identify performance improvement opportunities for assigned clients
  • Conduct fieldwork and manage small project teams to deliver value-added assurance services to clients
  • Develop internal networks and maintain excellent relationships with colleagues across KPMG, in particular in the wider Consulting, Audit and Advisory areas
  • Promote a collaborative culture encouraging constructive working relationships with the audit team and others



  • BA/BS Degree in Computer Science, Information Systems,, Information Technology, Accounting, Finance or related fields
  • 5 or more years of IT and SAP, or business process controls experience and understands key business processes, the inherent risks, and potential controls
  • 5 or more years of proven experience in the design, testing, and implementation of business process controls and GITCs in an SAP environment, including both SAP automated and manual controls
  • 3 or more years of leading projects, managing budget, and resource management


Required Skills:

  • Excellent written and verbal communication skills
  • Strong project management and organizational skills
  • Technical understanding of SAP configurations as it relates to the design, development, and testing of automated controls
  • Full cycle implementation experience with SAP, including risk assessment, control identification, design, testing, and deployment
  • Knowledge of SAP GRC Process Control or other compliance tools
  • Demonstrated ability to take accountability and takes initiative and is self-directed
  • Effective time management, including planning and decision-making, identifying priorities, and bringing projects to successful and timely completion with a focus on high standards and quality
  • Strong understanding of audit and documentation requirements


Preferred Skills:

  • Certification preferred, such as: CISA , CISSP, CISM , PMP, CPA, or/and CIA
  • Strong understanding of audit concerns impacting SAP and IT environments