SAVE UP TO 50%

WITH IN HOUSE
TRAINING
The International Leader in Audit and Information Security Training Details inside

10th - 13th November 2008, London

How to
Audit SAP
R/3 Basis High-Risk Areas in the SAP R/3
Infrastructure and How to Mitigate Them

Course Director Frank Lyons Frank W. Lyons, Over 35 years experience in IT and audit

In this four-day programme you will: A very good course

which provides the
Learn how to audit the SAP R/3 system infrastructure core knowledge
required to audit
Develop the necessary skills for tackling SAP R/3 control challenges SAP R/3 Basis
HM Revenue & Customs
Gain a thorough understanding of how to implement and manage an online
and e-commerce based SAP R/3 environment

MIS past delegates include...

ABN AMRO, Alliance & Leicester, Barclays, BT, Canon, Deutsche Bank, Goldman Sachs, HSBC,
JP Morgan Chase, Reuters, Vodafone, Sony, UBS

EARN
30 CPE CREDITS

Web mistieurope.com Email mis@mistieurope.com

How to Audit
SAP R/3
Basis
High-Risk Areas in the SAP
R/3 Infrastructure and How to
Mitigate Them

10th - 13th November 2008, London

Seminar Focus & Features

This intensive, four-day seminar is designed for technical auditors charged with auditing the infrastructure of the SAP™ R/3™ system and
focuses on the control challenges inherent in implementing and managing an online and e-commerce SAP™ R/3™ environment using the
Basis Module.

Course Director Frank W. Lyons

Frank W. Lyons is President of Entellus Technology Group, Inc., a management consulting firm specialising in the audit, security, reliability, tuning,
and management of networked computer systems. Mr. Lyons has extensive experience in performing consulting services to fortune 500
companies in the development and implementation of proven methodologies. Mr. Lyons has also developed over 100 seminars and has delivered
these seminars to well over 20,000 attendees over the last 25 years.
As a recognised leader in the field, Mr. Lyons has been involved in information systems, specifically data security and auditing of networked
database information solutions, for over 30 years. Currently, Mr. Lyons is working closely with Client/Server architecture for SAP, PeopleSoft and
Oracle applications and in the security and performance arena for UNIX, Windows, Oracle, SQL/Server, DB2 and network security and control
using SNMP and configuration parameters for the Internet and corporate network topologies. Frank is recognised as one of the leaders in the audit,
security and control of SAP and PeopleSoft applications. Mr. Lyons is a Certified Information Systems Auditor (CISA) and a Certified Network
Diagnostic Engineer (CNDE).
Mr. Lyons has over ten years experience with SAP and has trained over 4500 SAP professionals in various aspects of SAP. He has developed
courses such as:
Mr. Lyons has consulted on transactional integrity and control with over 30 fortune 500 organisations during and after implementation.
Specifically, Frank has consulted on the transaction configuration integrity and control for the SD, HR, Basis and FICO, MM modules. In addition,
he has conducted over 10 detailed reviews on the Basis module and WebAS and has reviewed in detail the role definitions related to job functions
to ensure proper transaction authority and segregation of duties. Participating on major implementations of SAP for several months of work, Frank
also evaluated the complete project implementation methodology as to its effectiveness and completeness.
During these evaluations Frank has worked with all members of the project team as well as upper management including the President of several
of the organisation to provide his input to the overall probability of a successful SAP implementation. Considered a key SAP resource Mr. Lyons is
highly sought after for his in-depth and insightful SAP experience. His risk and control compliance guidelines are used in many of the organisation
that have sent well over 4500 students to his SAP seminars conducted through MIS Training Institute, Inc.
Frank has a Bachelor of Science in Computer Science from Ohio State University and an MBA from the University of Dayton.

Previous attendees

Practical, technical ... good for sharing knowledge

Sony Europe
Who Should Attend Learning level In-House Training
Internal, Financial, Operational, and Information Technology Auditors; Advanced Save Up To 50% When You Run This
Security Professionals course In-house
In-house tailored training will enable
you & your colleagues to make
Prerequisite Fee significant savings as we charge per
day & not per participant so the cost
You should have first attended SAP™ R/3™ Concepts and Audit Risks, GBP £2,295
remains the same regardless of how
or have equivalent experience many people attend. We can offer
any of our public courses or tailor
them to your requirements. Training
is available in all areas of Internal
EARN Audit, IT Audit, and IT Security
30 CPE CREDITS If you have 6 or more colleagues
who would be interested in one of
our courses and you would like to
make significant savings, contact us
Day One Day Two
• B2B solutions
• Data integration between solutions now;
sets • What are your training objectives?
• Risk and control points
SAP™ R/3™ SAP™ R/3™ Records • How many people require the
• Real-World Solutions to SAP™
Fundamentals Review • User master R/3™ Audit and Control training?
• Overall architecture • Customer • Special rights and access
• Direct transaction process • Vendor • When would you like to run the
• Configuration and set-up problems
• Other key master records and controls training?
• Internet transaction process
• E-commerce solutions • Table maintenance controls • System administration and • What level of experience do you
segregation of duties and your colleagues have?
• MySAP.com
Auditing Standards • Development rights
• B2B solutions
• Access building for SAP™ R/3™ • We will then email you a detailed
• SAP™ R/3™Terms • User access
• Business objects proposal which addresses your
• System & technical architecture • Profile changes unique needs.
• Activity groups and profile • Interface advisertechnique
• Internet Transaction Server (ITS)
• Audit and security features in the generator You will have complete control of the
new releases • Authorisation change training content and decide when it is

SAP™ R/3™ Basis

System
• User administration changes
• Transaction & document trails
• Log files
Day Four run. We guarantee that we will be
able to cater for all your business
needs.
• Definition of the role of the Basis • Archiving Correction and Transport Email Guy Cooper at
module • SAP™ R/3™ system logs SystemControl
• Configuration settings for Basis • SAP™ R/3™ application logs • Platform separation
gcooper@mistieurope.com
• Programme controls: • Operating logs • Configuring CTS or call
authentication, defaults,
transaction • Operating system audit capability • Correction process +44 (0) 20 7779 8975
• Standard profiles • Operating system audit logs • Transport process
• Activity groups • Database systems • Version control More Great Reasons to Choose our
• Standard authorisation • DBMS logs & audit logs • Delta control In-house Training:
• SAP™ R/3™ object definitions • Transaction logs • Audit logs • Save money over public seminar
• Data dictionary control and • User logs • Authorisation process fees
maintenance • Transaction type & activity logs • Table reporting
• ABAP/4 programming controls • Save money on travel &
• SP R/3 audit tools and techniques • Emergency fixes
• Processing types accommodation
• Testing approach
• Object and component • Test decking • Save time on travel as the
programming (RPCs), User Exits,

Day Three
CPIC • Integrated testing facility instructor will travel to you.
Furthermore, the training can be
An Audit Approach held at the most convenient time
Understanding SAP™ for you.
R/3™Communications SAP™ R/3™ • Auditing the system tiers
• Key objects Administration • Auditing the infrastructure • Tailor the course content; ensure
• Key processes • System and database • Evaluating audit trails the relevance of the seminar for
• IDOCs administration • Auditing the Basis Module your colleagues. You can tailor the
• CPIC • Security administration • Conversion controls structure & methodology of your
• ITS • Basis administration • System implementation seminar or customise the seminar
• ALE • Audit approach to meet the expertise levels of the
• Background processes Internet Transaction participants.
• Batch processes Server Case Study / Review • Bring the best in the business;
• EDI transaction control • Definition Instructors are hands-on, expert
• Network controls • E-commerce solution practitioners who are your subject
• Middleware controls • MySAP.com matter consultants when they are
• Remote communication controls • Transaction controls not training.
• Audit trails • BAPIs
• Programme control • Gain CPE points & certificates for
the number of training hours.
• Database controls
© MIS Training 2008
 How to Audit SAP R/3 Basis
High-Risk Areas in the SAP R/3 Infrastructure and How to Mitigate Them

Key topic areas

• Learn how to audit the SAP R/3 system infrastructure
• Develop the necessary skills for tackling SAP R/3 control challenges
• Gain a thorough understanding of how to implement and manage an
online and e-commerce based SAP R/3 environment

Why should you attend?

• MIS Training is the global leader in IT audit and info security training,
having trained over 200,000 delegates
• Course Instructors are the most reputable in the industry
• We have an impressive client list including Reuters, Rolls Royce Plc,
Vodafone, Sony, to name a few
• Earn CPE points - which can be used to qualify/maintain a CISSP, CISA
or CISM
When registering for this event please quote reference WEB

10th - 13th November 2008, London

PLEASE SEND ME INFORMATION ABOUT RUNNING THIS COURSE IN-HOUSE 
How to Audit SAP R/3 Basis 5 easy ways to register
(please photocopy form for additional delegates) Tel: +44 (0)20 7779 8944
 10th - 13th November 2008, London (MT2513) Fax completed form to: +44 (0)20 7779 8293
GBP £2,295 £ *Discounts: Please call to enquire Email: mis@mistieurope.com Web: www.mistieurope.com
+ VAT @ 17.5% £ about corporate discounts. Post completed form to: Carlos Doughty, MIS Training, Nestor House,
Discounts can not be used in Playhouse Yard, London EC4V 5EX UK
Grand Total £ conjunction with each other.
Customer Information
Payment Information Title First name Surname
You can now pay online at www.mistieurope.com
Title/Position Organisation
 Cheque enclosed (payable to MIS Training)
 Please invoice my company PO# E-Mail Address (Required)
Please debit my credit card  AMEX  VISA  MasterCard Address
Card Number Expiry Country Postcode
Cardholders name Verification Code Telephone Fax
Please include billing address if different from address given VAT Number (If you have one)
The information you provide will be safeguarded by the Euromoney Institutional Investor PLC
group whose subsidiaries may use it to keep you informed of relevant products and services.
We occasionally allow reputable companies outside the Euromoney Institutional Investor PLC
Please note that in completing this booking you undertake to adhere to the group to contact you with details of products that may be of interest to you. As an international
cancellation and payment terms listed below group we may transfer your data on a global basis for the purposes indicated above. If you
object to contact by telephone  fax  or email  please tick the relevant box. If you do not
Signature Date want us to share your information with other reputable companies please tick this box 
Approving Manager Position Please send me information on
 In House Training
 Preparing for the CISA Exam, 3rd - 7th November 2008, London
 Security & Audit of Unix/Linux, 18th - 20th November 2008, London

Registration Information
(fees must be paid in advance of the event)
Accommodation: The course will be held in a Radisson Edwardian hotel in Central London (zone 1). To get the best available rate at Radisson Edwardian hotels in London
please visit www.radissonedwardian.com/mis or, alternatively contact the hotel direct and quote the MIS event title and dates when making your booking.
Cancellation Policy: Should a delegate be unable to attend, a substitute may attend in his or her place. Cancellations received within 21 working days of the event are liable
for the full seminar fee. If full payment has been received you are eligible for a 75% reduction on the next run of the seminar. This discount will be valid for one year only. MIS
reserves the right to change or cancel programmes due to unforeseen circumstances.
VAT: All delegates attending are liable to pay VAT. After the event organisations registered for VAT in the UK may reclaim the tax.
Delegates from outside the UK but within the European Community may also be able to reclaim the VAT. Organisations outside
the UK should check with their excise authority as to which domestic fiscal regulations apply. High Yield/No-Risk EARN
30 CPE CREDITS

Web mistieurope.com Email mis@mistieurope.com