Term GRC in enterprise
software refers to Governance, risk management, and compliance. This is the umbrella
term covering a company's approach across these three areas:
1.
Governance - combines processes established and executed within
company that reflect the company's structure and how it is managed and led
toward achieving goals.
2.
Risk management - predicts and manages risks that could
hinder the company to achieve its objectives.
3.
Compliance - with the company's policies and procedures, laws and
regulations. It helps to measure this compliance as it is considered key to an
organization's success. Automated risk and compliance monitoring activities can
help prevent and/or mitigate risk events across company.
In other words the GRC integrates
and manages IT operations of company that are subject to regulation. The GRC solution
typically combines applications that manage the core functions of GRC into a
single integrated package. Speaking very simply; such a software issues roles
to the user in addition it collects information who and when requested an
access to particular function or data in the SAP system. It tracks who and when
approved the access etc. among other things.
SAP has few GRC solutions for different
LoBs:
1.
SAP GRC Access Control - is a suite of tools to monitor,
test, and enforce access and authorization controls across company. It complies
with regulatory mandates (e.g. Sarbanes-Oxley). Using these tools companies can
identify and remove access and authorization risks from its systems. Also preventive
controls in business processes to stop segregation of duties (SoD) violations
are supported. The solution has following capabilities:
1.1 Compliant User Provisioning (CUP)
1.2 Enterprise Role Management (ERM)
1.3 Risk Analysis and Remediation (RAR)
1.4 Superuser Privilege Management
2.
SAP GRC Fraud Management (powered by SAP HANA) -
it enables frauds analysis across industries. Also it helps to prevent
irregularities or fraud in ultra-high volume environments. Technically it is add-on
application for SAP NetWeaver AS ABAP and the SAP HANA database. Sometimes SAP Fraud
Mngt is referred as part of SAP Assurance and Compliance Software.
online docu SAP Fraud
Management - SAP Assurance and Compliance
Software 1.1 SP07
3.
SAP GRC Process Control - is solution for internal controls
management. It supports audit team in gaining better visibility into business
processes and ensures a high level of reliability in financial statement
reporting. Moreover it enables documenting control environment, testing and
assessing controls, tracking issues to remediation, and certifying and reporting
on the state and quality of internal controls. Using a combination of data
forms, automated workflows, certification, and interactive reports, this
solution enables members of internal control, audit, and business process teams
to effectively manage compliance activities.
4.
SAP GRC Risk Management - enables companywide risk management
process as mandated by certain legal requirements and recommended by best
practice management frameworks.
5.
SAP GRC Global Trade Services (GTS) - Solution to
support control of costs, reduce risk of trade penalties and fines. In addition
it helps to clear inbound/outbound customs in fast manner. Automation of trade
processes in case of international operations, ongoing compliance, and tight
integration throughout your cross-border supply chain.
Useful links:
No comments:
Post a Comment