We are looking for an experienced Information Systems Auditor to conduct an independent audit of SAP ERP and Winit Mobile Van Sales Application. The engagement will evaluate application controls, user access security, interface robustness, fraud exposure, and misuse vulnerabilities.
Location: Saudi Arabia
Engagement Type: Contract
Objective of the Assignment
To perform a comprehensive Information Systems Audit assessing the adequacy, effectiveness, and robustness of:
Application controls
User access security
Interface & integration controls
Fraud risk exposure
Misuse and override vulnerabilities
In-Scope Applications
SAP ERP Modules
Finance & Controlling (FICO)
Materials Management (MM)
Production Planning (PP)
Sales & Distribution (SD)
Plant Maintenance (PM)
Key Responsibilities
1. Application Controls Review - SAP
Evaluate configuration settings and master data controls
Review transaction processing, validations, and posting logic
Assess pricing, credit management, and inventory movements
Review production confirmations and maintenance orders
Examine error handling mechanisms and custom developments
Validate audit trails and logging controls
2. Application Controls Review - Winit Mobile Van Sales App
Review pricing, credit control, promotions, schemes, FOC, and discount logic
Evaluate sales quantity collection, loading & execution
Assess sales returns, van stock transfers, unloading & reserved stock
Test offline transaction handling and synchronization logic
Review exception handling and audit logs
3. Interface & Integration Controls
Evaluate SAP-Winit interface controls
Validate completeness, accuracy & timeliness of data transfers
Assess reconciliation controls & duplicate prevention
Review failed transaction monitoring and error handling
4. User Access & Security Review
Analyze user roles & privileges
Identify Segregation of Duties (SoD) conflicts
Detect excessive or super-user access
Review shared IDs & access provisioning/de-provisioning
Validate least-privilege compliance
5. Fraud Risk & Misuse Assessment
Identify fraud-prone areas and override capabilities
Assess manipulation risks in pricing, stock, returns & transfers
Evaluate collusion scenarios
Review compensating controls
6. Application Testing Scope
Negative path testing (invalid/incomplete transactions)
Abuse/misuse case testing
SoD conflict testing and validation
Deliverables
Executive Summary
Detailed findings with risk ratings
Root cause analysis
Financial & operational impact assessment
Remediation roadmap
Role redesign recommendations
Management action plan
Ideal Candidate Profile
5+ years of IT Audit / SAP Audit experience
Strong hands-on knowledge of SAP FICO, MM, SD, PP, PM modules
Experience auditing mobile sales or field-force applications
Deep understanding of SoD frameworks and access governance
Experience in fraud risk assessment within ERP environments
Strong documentation and stakeholder communication skills
