I. General 1. Obtain a company organizational chart. 2. Obtain a copy of all security policies and procedures. 3. Obtain a diagram of the SAP application architecture. 4. Obtain a copy of “problem tracking” or “incident report” for the application being audited. 5. Obtain a
