Identified areas of improvement in the Sage X3 ERP implementation, including configuration settings, system performance, and user training.
Provided recommendations for optimizing system functionality, enhancing data integrity, and aligning business processes with ERP capabilities.
Delivered actionable insights to AMNI’s management team for strategic decision-making and continuous improvement initiatives.
Sage 300 People The completed System Audit for Sage 300 People optimized HR processes, aligning them with organizational requirements. This included mapping HR processes, conducting project assurance, user acceptance testing, and statutory reporting. The audit identified efficiencies resulting in a 15% increase in HR productivity. Additionally, 98% user satisfaction was achieved through streamlined processes. Compliance was ensured, with 100% accuracy in statutory reporting. Overall, the project enhanced operational efficiency and compliance, contributing to organizational success.
IT System Audit
Prepared and Planned:
Defined audit scope, objectives, and methodology.
Identified stakeholders and secured management buy-in.
Reviewed previous audit reports and compliance requirements.
Allocated resources including audit team members and tools.
Conducted Risk Assessment:
Identified and prioritized IT risks and vulnerabilities.
Assessed potential impact on business operations.
Evaluated effectiveness of existing controls.
Determined likelihood and consequence of risk events.
Reviewed Documentation:
Reviewed IT policies, procedures, and documentation:
IT governance frameworks.
Security policies and standards.
Change management procedures.
Incident response plans.
Business continuity and disaster recovery plans.
Performed Technical Assessment:
Conducted technical tests and assessments:
Vulnerability assessments and penetration testing.
Configuration reviews of servers, databases, and firewalls.
Log file analysis for security incidents.
Assessment of encryption, authentication, and access controls.
Evaluated Compliance:
Assessed compliance with regulatory requirements and standards.
Verified adherence to data protection laws and cybersecurity regulations.
Reviewed compliance with internal policies and procedures.
Tested Controls:
Tested effectiveness of IT controls:
Access controls and user management.
Change management and system configurations.
Incident detection and response.
Data backup and recovery processes.
Reported and Communicated:
Documented audit findings and recommendations.
Communicated results to stakeholders including IT management.
Provided actionable recommendations for improvement.
Discussed findings with management and obtained action plans.
