This document provides audit programs and internal control questionnaires for evaluating controls in the SAP R/3 ERP system related to key business cycles. It includes audit programs for revenue, expenditure, inventory, and system security cycles. Each audit program lists key controls and risks to evaluate and steps to test controls configuration and access management. The document is intended to help audit, control and security professionals evaluate the design and operating effectiveness of controls in an SAP R/3 environment.