Newport discussion corporate sustainability reporting using sap grc v3
1. FOR DISCUSSION
Corporate Sustainability Reporting
Strategies and Frameworks using SAP GRC Approaches
Newport Consulting Group
March 2010
Newport Consulting Group, LLC This document is confidential and is intended solely for the use and information of the client to whom it is addressed.
2. Agenda
1. Introductions and Firm Overview
2. Corporate Drivers of Sustainability Programs
3. Global Reporting Initiative Considerations
4. Enterprise Architecture using SAP Building Blocks
5. Considerations for Roles-based Process Controls
6. Framework for CSR Planning and Implementation
7. Summary and Next Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 1
3. Introductions and Firm Overview / 1
Newport Consulting Group is an independent
consulting firm founded by several leading
consultants from DMR Consulting Group and
strategy firm Booz & Company
Our clients enjoy working with our experienced
professionals who deliver large firm capabilities
in the context of a boutique firm culture
We function as top-end, high-touch advisors
to our clients, unencumbered by large
overhead cost models or downstream
deployment agendas
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 2
4. Introductions and Firm Overview / 2
Our Experience and Capabilities
Our Experience and Capabilities
Our clients represent a broad industry base
We retain our staff through teaming
We retain our staff through teaming
– Commercial agreements creating a business affiliate
agreements creating a business affiliate
Consumer Electronics & Products model with low
model with low
Automotive & Transportation overhead and high performance services
overhead and high performance services
Aerospace & Defense Experience and Education Profile of Staff
Experience and Education Profile of Staff
Industrial Equipment Minimum 20 years professional experience
Minimum 20 years professional experience
average per staff
average per staff
Medical Device & Health Systems Management experience at one or more Fortune
Management experience at one or more Fortune
– Non-commercial 1000 organizations
1000 organizations
Practice and delivery management experience
Practice and delivery management experience
Electric and Water Utilities at top-tier strategy firms
at top-tier strategy firms
State Governments Client and delivery management experience at
Client and delivery management experience at
global system integrators
global system integrators
Municipal / County Governments International experience working with customers
International experience working with customers
Not for Profit Organizations and partners in Europe and Asia-Pacific
and partners in Europe and Asia-Pacific
Additional experience in medical device,
Additional experience in medical device,
We maintain strategic partnerships with consumer electronics, and high tech
consumer electronics, and high tech
leading enterprise software companies,
We are the experts in the field of
We are the experts in the field of
service providers, and institutions
enterprise performance management
enterprise performance management
– Under NDA with SAP America since 2005 bridging “classic SAP” and strategy
bridging “classic SAP” and strategy
– Under NDA with Dassault Systems since 2008 throughout the enterprise
throughout the enterprise
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 3
5. Introductions and Firm Overview / 3
Newport Consulting is an “independent” firm aligned
with SAP since our founding in 2005
Our Principals and staff have provided Program
Advisory, Planning, OCM, and Governance services
We have particular expertise in SAP Business Objects
EPM and GRC solutions
– We are writing the book on EPM for SAP Press
– Under NDA with several clients to date
Our staff maintains current knowledge and experience
in additional areas of SAP including ERP (FI/CO, MM,
PP, SD), SCM, PLM, SRM, and GTS
Most of our clients operate in technologically diverse
environments — as such, our staff is able to look at broad
landscapes and topologies to consider the best solution
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 4
6. Introductions and Firm Overview / 4
William Newman, CMC, MBA
William Newman, CMC, MBA Bill Rudiak
Bill Rudiak
Managing Principal
Managing Principal Principal–Lead Consultant
Principal–Lead Consultant
Strategy & Technology Practice
Strategy & Technology Practice
Nearly 25 years of strategy and operations
Nearly 25 years of strategy and operations
planning with various technologies across
planning with various technologies across Over 20 years of business and technology
Over 20 years of business and technology
multiple industry sectors
multiple industry sectors consulting, software development, systems
consulting, software development, systems
Over 10 years experience planning and
Over 10 years experience planning and integration, and managed services experience
integration, and managed services experience
managing complex, global enterprise programs
managing complex, global enterprise programs for a broad range of clients
for a broad range of clients
(ERP, GRC, PLM, SCM)
(ERP, GRC, PLM, SCM) Large-scale project and program management
Large-scale project and program management
Has developed recommended approaches for
Has developed recommended approaches for for significant change initiatives including
for significant change initiatives including
operations readiness, value realization, change
operations readiness, value realization, change workflow efficiency improvements, technology
workflow efficiency improvements, technology
management, global program structures,
management, global program structures, deployments, and global shared services for
deployments, and global shared services for
innovation management, and business
innovation management, and business multi-cultural/multi-national teams
multi-cultural/multi-national teams
transformation
transformation Broad base of technology expertise including
Broad base of technology expertise including
Certified Management Consultant (CMC) since
Certified Management Consultant (CMC) since IT systems management, ERP, PLM/CAD,
IT systems management, ERP, PLM/CAD,
1995
1995 GIS, and digital video
GIS, and digital video
Joseph Stockemer, MBA
Joseph Stockemer, MBA David Tharp, PMP, MBA
David Tharp, PMP, MBA
Principal–Lead Consultant Senior Program Manager
Senior Program Manager
Principal–Lead Consultant
Operations Practice Risk & Program Management Practice
Risk & Program Management Practice
Operations Practice
Over 20 years of business and strategy Over 20 years of business and IT professional
Over 20 years of business and IT professional
Over 20 years of business and strategy
consulting, marketing, sales management, experience
experience
consulting, marketing, sales management,
cost reductions, asset management, and
cost reductions, asset management, and Responsible for managing all phases of
Responsible for managing all phases of
capital funding for start-up ventures
capital funding for start-up ventures large-scale key global IT projects
large-scale key global IT projects
Recently served as interim COO for a high-
Recently served as interim COO for a high- Has led multi-cultural/multi-national cross-
Has led multi-cultural/multi-national cross-
energy food and beverage client, responsible
energy food and beverage client, responsible organizational team in application
organizational team in application
for protoconcept development, initial product
for protoconcept development, initial product development and system implementation
development and system implementation
run, sourcing, and sales team hiring
run, sourcing, and sales team hiring initiatives
initiatives
Held several interim management positions for
Held several interim management positions for Certified Professional Project Manager (PMP)
Certified Professional Project Manager (PMP)
not-for-profit organizations, including
not-for-profit organizations, including and IT Management Certified Professional
and IT Management Certified Professional
community service and faith-based institutions
community service and faith-based institutions
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 5
7. Introductions and Firm Overview / 5
Newport’s Services Model (“SORT”) allows our Clients to benefit from a broad, holistic perspective on
key business issues and challenges, while focusing on deep experience in one or more critical areas.
What market and business strategies do IIneed to address
What market and business strategies do need to address
post-crisis scenarios? What KPIs govern my initiatives and
post-crisis scenarios? What KPIs govern my initiatives and
what do IIdo when KPIs are “out of bounds”?
what do do when KPIs are “out of bounds”?
Strategy
How do create a culture of sustainability?
How do create a culture of sustainability?
How do IIstrategically manage intellectual property?
How do strategically manage intellectual property?
How do IIfit my organization to improve existing or introduce
How do fit my organization to improve existing or introduce
new operating models?
new operating models?
Operations How do IIstructure the functions, people, and resources in my
How do structure the functions, people, and resources in my
organization to drive strategic initiatives?
organization to drive strategic initiatives?
What approaches do IIuse to structure and prioritize initiatives
What approaches do use to structure and prioritize initiatives
inside my organization?
inside my organization?
Risk &
How do IImanage and mitigate risk across my business
How do manage and mitigate risk across my business
Program Management operations?
operations?
How do IIdrive maximum value from my portfolio of initiatives?
How do drive maximum value from my portfolio of initiatives?
Based on my operations and existing technology investments
Based on my operations and existing technology investments
to date, how do IIselect and implement the best technology
to date, how do select and implement the best technology
Technology solutions to support my business?
solutions to support my business?
How do II manage that process from planning to go live?
How do manage that process from planning to go live?
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 6
8. Agenda
1. Introductions and Firm Overview
2. Corporate Drivers of Sustainability Programs
3. Global Reporting Initiative Considerations
4. Enterprise Architecture using SAP Building Blocks
5. Considerations for Roles-based Process Controls
6. Framework for CSR Planning and Implementation
7. Summary and Next Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 7
9. Corporate Drivers of Sustainability Programs / 1
A recent McKinsey study shows that while improved risk management may be one value driver,
increased market opportunities, operational efficiencies, and brand equity are key on the minds of
executives as companies position themselves for the post-crisis economy.
Where CSR Value Comes From
Percentage of respondents (%)
Maintaining a good corporate reputation and/or brand equity
75
79
79
Attracting, motivating, and retaining talented employees 52
55
61
Meeting society’s expectations for good corporate behavior
30
43
39
Improving operational efficiency and/or decreasing costs
29
39
42
Improving new growth opportunities 35
24 36
Improving risk management 24
18 24
Strengthening competitive positioning 14
27 CFOs
24 Investment Professionals
Improving access to capital 3
2 CSR Professionals
9
Source: Valuing Corporate Social Responsibility, The McKinsey Quarterly, February 2009
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 8
10. Corporate Drivers of Sustainability Programs / 2
The Dow Jones Sustainability Index (DJSI) created in 1999 represents over $US 9 billion in total
market capitalization. The DJSI STOXX40 has outperformed the nominal DJ STOXX50 by 7.5% to
date (and up to 15-20% during the period preceding the financial crisis).
The DJSI comprises publicly
traded organizations that
follow the Global Reporting
Initiative (GRI) for
Sustainability reporting
The investment community is
The investment community is
giving increased weight to
giving increased weight to
Corporate Sustainability to guide
Corporate Sustainability to guide
rating and investment decisions.
rating and investment decisions.
Source: SAM Sustainability Annual Review, September 3, 2009
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 9
11. Corporate Drivers of Sustainability Programs / 3
Sustainability has Three Pillars — we find that while there may be an immediate focus on one key
area of Corporate Sustainability, attention must be given to how reporting and decision-making
occurs. This increases value drivers, reduces redundancy, improves operations, and manages costs.
Target Focus of Sample Fortune 500 CSR Programs
Survey of Selected Cross-section of Industries 2007-2009
Economic and
Company Environmental Social Responsibility
Financial
Improve the Human
UPS Strengthen the Enterprise Protect the Environment
Condition
Minimize Environmental Local Community
Starbucks Sustainable Coffee Prices
Impacts Engagement
Commitment to Ethical
Kimberly-Clark Business Practices
Environmental Stewardship Safety and Health
Eliminate Adverse Impacts
Lockheed Martin Perform with Excellence
from Operations
Safety of Every Employee
Generally organizations focus on one particular domain of sustainability which needs
Generally organizations focus on one particular domain of sustainability which needs
immediate attention, however understanding the strategic interaction of the other Corporate
immediate attention, however understanding the strategic interaction of the other Corporate
Sustainability areas is essential and often required by reporting guidelines.
Sustainability areas is essential and often required by reporting guidelines.
Source: CSR documents from each organization, selected from 2007-9 supplier manuals and other internal corporate documents.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 10
12. Agenda
1. Introductions and Firm Overview
2. Corporate Drivers of Sustainability Programs
3. Global Reporting Initiative Considerations
4. Enterprise Architecture using SAP Building Blocks
5. Considerations for Roles-based Process Controls
6. Framework for CSR Planning and Implementation
7. Summary and Next Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 11
13. Global Reporting Initiative Considerations / 1
In 2006, the Global Reporting Initiative (GRI) was created to provide guidelines and audit recom-
mendations for organizations participating in corporate sustainability reporting (CSR) activities. These
guidelines ensure a level of consistency and governance in the practice of corporate sustainability.
How does GRI consider CSR?
How does GRI consider CSR?
CSR “involves reporting financial and
CSR “involves reporting financial and
nonfinancial information to key
nonfinancial information to key
stakeholders on the company’s
stakeholders on the company’s
operational, social, and environmental
operational, social, and environmental
activities and its ability to deal with
activities and its ability to deal with
related risks.”
related risks.”
Considers the “triple bottom-line” of
Considers the “triple bottom-line” of
reporting
reporting
–
– Economic Performance
Economic Performance
–
– Social Responsibility
Social Responsibility
–
– Environmental Compliance
Environmental Compliance
Considers broader set of
Considers broader set of
stakeholders beyond shareholders
stakeholders beyond shareholders
–
– Financial
Financial
–
– Regulatory
Regulatory
CSR as a practice in accounting areas is still emerging,
CSR as a practice in accounting areas is still emerging,
with general guidelines based on the objectives of the –
– Political
Political
with general guidelines based on the objectives of the
Corporate Sustainability program.
Corporate Sustainability program. –
– Others based on company program
Others based on company program
Sources: The Future of Corporate Sustainability Reporting, The Journal of Accountancy. The American Institute of Certified Public Accountants, 2006.
Royal Dutch Shell, 2003 Corporate Sustainability Report (courtesy of AICPA).
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 12
14. Global Reporting Initiative Considerations / 2
GRI reporting for CSR is a function of confirming that program initiatives, principles, and objectives
are tracked, monitored, and reported correctly. Few specific guidelines outside of the broad principles
of GRI have emerged, leaving management free to “do what you say” from an auditor’s point of view.
UPS is an exemplar in this area as shown by their reporting presentation.
Areas of CSR program called out,
then detailed against Key
Performance Indicators (KPIs) in
subsequent sections of the
sustainability report.
Overall graphic, such as a Venn
diagram, communicates the areas of
importance to various stakeholders.
Interactive Web sites allow
stakeholders including shareholders
to create personalized reports,
graphics, and tables.
Source: 2008 Corporate Sustainability Report, United Parcel Service (used with permission). Newport Consulting Group record of client interviews and feedback, 2009.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 13
15. Global Reporting Initiative Considerations / 3
Companies may have several reasons for implementing a corporate sustainability program. While the
initial or primary focus may be on fixing “hygiene” problems, organizations may exploit the opportunity
to achieve more strategic objectives in corporate sustainability and corporate social responsibility.
Problems
Problems Opportunities
Opportunities
Manual (spreadsheet-based) systems are
Manual (spreadsheet-based) systems are Adopt a more proactive approach to supplier
Adopt a more proactive approach to supplier
siloed, error-prone, and do not reuse data in
siloed, error-prone, and do not reuse data in management
management
enterprise systems
enterprise systems
Anticipate and mitigate risk events; develop
Anticipate and mitigate risk events; develop
Roll-up processes to support audits and
Roll-up processes to support audits and response plans should these events occur
response plans should these events occur
other reporting needs are cumbersome
other reporting needs are cumbersome
Elevate profile of global corporate citizenship
Elevate profile of global corporate citizenship
Organizational accountabilities for
Organizational accountabilities for and enhance competitive brand position
and enhance competitive brand position
sustainability are unclear
sustainability are unclear Permeate sustainability initiatives and
Permeate sustainability initiatives and
Risk of being out of compliance with
Risk of being out of compliance with a culture of social responsibility throughout the
a culture of social responsibility throughout the
changing global regulations
changing global regulations organization
organization
No systematic way to respond to crisis or
No systematic way to respond to crisis or Improve efficiency of adjacent core processes
Improve efficiency of adjacent core processes
other unforeseen event
other unforeseen event (design, manufacturing, QA)
(design, manufacturing, QA)
No alignment with overall corporate
No alignment with overall corporate Incorporate sustainability in strategic planning
Incorporate sustainability in strategic planning
sustainability goals
sustainability goals and enterprise performance management
and enterprise performance management
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 14
16. Agenda
1. Introductions and Firm Overview
2. Corporate Drivers of Sustainability Programs
3. Global Reporting Initiative Considerations
4. Enterprise Architecture using SAP Building Blocks
5. Considerations for Roles-based Process Controls
6. Framework for CSR Planning and Implementation
7. Summary and Next Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 15
17. Enterprise Architecture using SAP Building Blocks / 1
SAP offers a number of solution approaches consistent with CSR program structure and GRI
reporting requirements, based upon the operating model and existing IT footprint of the organization.
SAP provides several platforms
supporting CSR program goals
– “Classic SAP” which provides real-time
information around emissions, product/
material consumptions, supplier compliance
via SAP ERP, SAP SRM, SAP SCM, and
SAP PLM platforms
– SAP BusinessObjects Enterprise Performance
Management (EPM) which provides a platform
for strategic formulation Strategy
– SAP BusinessObjects Governance, Risk, and Operations
Compliance (GRC) which provides a platform
for program enablement and monitoring
Strategic enablement with real-time
decision-making capability
– This is the “secret sauce” for SAP, not
addressed in most other platform options
MM
MM QM
QM Non-SAP data
(which by and large are spreadsheet driven) SD
SD SRM
SRM
and applications
– Linkage to other strategic initiatives (balanced FI
FI
scorecard, KPI / KRI tracking)
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 16
18. Enterprise Architecture using SAP Building Blocks / 2
1 2
Enterprise Performance Management
Enterprise Performance Management Governance, Risk, and Compliance
Governance, Risk, and Compliance
Better control performance
Better control performance Aggregate and manage key risk activities
Aggregate and manage key risk activities
Increase organizational agility
Increase organizational agility Automate controls across processes
Automate controls across processes
Provide improved context for decision making
Provide improved context for decision making Monitor risk & controls across disparate systems
Monitor risk & controls across disparate systems
E Connectivity to…
TIV
TR A
IL LU S
SAP BusinessObjects
SAP BusinessObjects ERP (MM, PP, SD, PS)
ERP (MM, PP, SD, PS)
Enterprise Performance Management
Portfolio-driven Governance, Risk, and Compliance SCM (APO, SNP)
SCM (APO, SNP)
Value and Outcomes
Ensure Proactively Create SRM (eSourcing)
Trusted Manage Enterprise SRM (eSourcing)
SAP BusinessObjects ™
Information Risk Visibility
PLM (NPI, PPM)
PLM (NPI, PPM)
Business Intelligence
Information Management
Non-SAP
Non-SAP
Environments
Environments
3 4
Business Intelligence/Business Warehouse
Business Intelligence/Business Warehouse Information Management
Information Management
Access to all information
Access to all information Trusted information
Trusted information
Intuitive experience for all people
Intuitive experience for all people Operational excellence for IT
Operational excellence for IT
Single information infrastructure
Single information infrastructure Flexibility and agility
Flexibility and agility
Source: SAP America, SAP BusinessObjects, as modified by Newport Consulting Group.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 17
19. Enterprise Architecture using SAP Building Blocks / 3
The sustainability solution map for SAP BusinessObjects GRC comprises seven domains, each
providing functionality across operating areas. Companies can “menu select” building blocks based
on CSR program objectives and monitoring/reporting needs.
Generally the SAP SPM
solution is used with other
EPM products to drive
CSR program objectives.
1
2
3
4
5
6
7
Source: 2009 SAP AG public domain website, www.sap.com/sustainability.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 18
20. Enterprise Architecture using SAP Building Blocks / 4
The SAP BusinessObjects SPM application provides a global view of a sustainability program. Risk
officers and C-levels can easily track Key Performance Indicators (KPIs) deemed important for CSR
purposes, fed by real-time operational data from back office “classic SAP” functionality.
Performance settings
based on KPIs
thresholds (“triggers”)
that can be dynamically
linked to operational
data.
Drop-down
KPI library
Source: “Improve Your Corporate Sustainability Program using SAP BusinessObjects Sustainability Performance Management,” GRCExpert, 2009.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 19
21. Enterprise Architecture using SAP Building Blocks / 5
KPIs generally are summarized by aggregating various individual indicators which can come from
different areas in the organization. The relationship diagram of KPIs provides sustainability managers
visibility into the decomposition of each top-level company KPI.
The KPI “composer”
feature allows for the
networking relationship
and mapping of source
information to “build
up” KPIs.
Source: “Improve Your Corporate Sustainability Program using SAP BusinessObjects Sustainability Performance Management,” GRCExpert, 2009.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 20
22. Enterprise Architecture using SAP Building Blocks / 6
SAP SPM offers balanced scorecard views which can be configured to specific goals of CSR
programs. The scorecard view can also provide indicators for each goal area and specific goals for
easy monitoring and reporting.
The balanced scorecard
feature can also be
expressed as a strategy
map, and tailored to the
elements of each
scorecard.
Source: “Improve Your Corporate Sustainability Program using SAP BusinessObjects Sustainability Performance Management,” GRCExpert, 2009.
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 21
23. Enterprise Architecture using SAP Building Blocks / 7
SAP SPM can be linked to other SAP BusinessObjects EPM and SAP BusinessObjects GRC
platforms, such as SAP BusinessObjects Strategy Management for strategic formulation of KPIs and
SAP BusinessObjects Risk Management to view the impact of key risk indicators (KRIs) on financial
targets and enterprise risk management (ERM).
CSR Program Boundary
KPIs,
triggers
SAP BusinessObjects
Strategy Management
KRIs,
tolerances
SAP BusinessObjects
Sustainability Performance Management
SAP BusinessObjects
Source: “Improve Your Corporate Sustainability Program using SAP BusinessObjects
Sustainability Performance Management,” GRCExpert, 2009. Risk Management
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 22
24. Agenda
1. Introductions and Firm Overview
2. Corporate Drivers of Sustainability Programs
3. Global Reporting Initiative Considerations
4. Enterprise Architecture using SAP Building Blocks
5. Considerations for Roles-based Process Controls
6. Framework for CSR Planning and Implementation
7. Summary and Next Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 23
25. Considerations for Roles-Based Process Controls / 1
For sustainability initiatives, an approach that leverages roles, access, permissions, and processes in
a structured Governance model, provides clarity in program design and execution.
Program Area
Responsibility Matrix fro Program Area A - ABC Company PUR PMO
ENGR MFG
Task # Task Requireme nt
1 Collect OE / Industry Requirements R, A A R C
2 Apply requirements to program objectives R, A R C
3 Determine information reporting gaps and needs A I C
4 Develop c losure plan for information reporting gaps and needs R, A A R C
5 Determine produc t information source list A R C
… …
…
Legend
Final Ac ceptanc e Review
Product Business Unit Lead
R
S
Review
Support
ENGR
MFG
Engineering
Manufacturing (VP, GM, Director level)
A Approve PUR Purchasing
Environmental Compliance
Environmental Compliance
C Create PMO Program Offic e
I Inform
Management Processes
Management Processes
RASCI Diagram – Responsibilities by Work Step
Rundown Role Program Compliance Manager
Sales Account and/or
Primary Resource
Secondary Resource Program Administrator
Purchasing Manager
A history of requirements review suggests the need for strong product configuration management. Program
Summary
management presence is the single most critical factor in the successful delivery of compliance program at ABC.
Key Process
Key Activities
Area
1. Refine and develop the project plan
2. Maintain the project plan
3. Monitor progress against baselines (scope, schedule, cost) and targets using EVM metrics
Craft and manage communications plan
Product and/or
4.
Program
Management 5. Conduct Project Status Meetings with Key Stakeholders
6. Brief leadership on Project Progress
7. …
Quality Manager
Playbook – Roles & Responsibilities
… …
Sustainability/Compliance Manager
(enterprise-wide or per program area)
1 … … … … … … …
Roles Defined in the Organization
… …
Compliance Process – Work Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 24
26. Considerations for Roles-Based Process Controls / 2
From a solution architecture perspective, a compliance layer is used to define the stages,
processes, and key activities for sustainability program compliance
Key questions to ask:
– Where are the data most persistent (i.e. system of record)? How are data governed and managed?
– What are the process and access controls used for compliance?
– For product companies, is compliance largely design or manufacturing BOM driven?
Compliance Management
Product Business Unit Lead
Rundown Role Program Compliance Manager
(VP, GM, Director)
Primary Resour ce
Secondary Resource Program Administrator
A history of requirements review suggests the need for strong product configuration management. Program
Processes
Processes
Summary
management presence is the single most critical factor in the successful delivery of compliance program at ABC. Sales Account and/or
Key Process
Key Activities
Purchasing Manager
Area
1. Refine and develop the project plan
2. Maintain the project plan
3. Monitor progress against baselines (scope, schedule, cost) and targets using EVM metrics
4. Craft and manage communications plan
Program
Management 5.
6.
Conduct Project St atus Meetings with Key Stakeholders
Brief leadership on Project Progress
Product and/or Quality Manager
7. …
Playbook – Roles & Responsibilities Compliance Manager
(Enterprise-wide or Program-level)
– Can be unique to each company
GRC Compliance Layer
GRC Compliance Layer
WHO
(Data Content, Analytics, Reporting, Process Management, Governance)
(Data Content, Analytics, Reporting, Process Management, Governance) Access OK by
WHAT Role, Department,
Access OK by and Cost Center?
compliance process,
SAP EH&S
SAP EH&S GRC Controls
GRC Controls
product program?
PLM
PLM SAP ERP (MM, SD)
SAP ERP (MM, SD) SRM
SRM SAP ERP HCM
SAP ERP HCM
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 25
27. Agenda
1. Introductions and Firm Overview
2. Corporate Drivers of Sustainability Programs
3. Global Reporting Initiative Considerations
4. Enterprise Architecture using SAP Building Blocks
5. Considerations for Roles-based Process Controls
6. Framework for a Corporate Sustainability Program
7. Summary and Next Steps
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 26
28. Framework for a Corporate Sustainability Program / 1
A sustainability program should be approached based on three fundamental premises, which guide all
phases of the initiative. This optimizes schedule performance, controls the costs through manageable
budget/decision gates, and applies sound architecture principles.
1 A hypothesis-driven approach differs from other approaches
A hypothesis-driven approach differs from other approaches
that are typically analysis-driven or even experimental
that are typically analysis-driven or even experimental
Follow a Hypothesis- The program team very quickly develops and confirms a set
The program team very quickly develops and confirms a set
of working understandings (i.e. hypothesis) during the initial
of working understandings (i.e. hypothesis) during the initial
Driven Approach weeks of the initiative
weeks of the initiative
This hypothesis serves as the basis for the preliminary
This hypothesis serves as the basis for the preliminary
design of the SAP solution and impacts to the organization
design of the SAP solution and impacts to the organization
2
Adhering to a common SDLC methodology reduces risk,
Adhering to a common SDLC methodology reduces risk,
Leverage an Integrated optimizes schedule performance, and allows for a common
optimizes schedule performance, and allows for a common
Systems Life-Cycle Delivery vocabulary throughout all activities of the initiative
vocabulary throughout all activities of the initiative
Any SDLC methodology should be viewed as a “guidebook”,
Any SDLC methodology should be viewed as a “guidebook”,
(SDLC) Methodology not a “cookbook” – we have found success leveraging ASAP
not a “cookbook” – we have found success leveraging ASAP
3
Utilizing numerous point solutions to achieve sustainability
Utilizing numerous point solutions to achieve sustainability
goals will create very high integration complexity and cost in
goals will create very high integration complexity and cost in
Focus on a Core Target the eventual solution architecture
the eventual solution architecture
Platform It is best to consider a small landscape of possible corporate
It is best to consider a small landscape of possible corporate
sustainability solutions, leveraging a core target platform (like
sustainability solutions, leveraging a core target platform (like
SAP) to satisfy the objectives of the sustainability initiative
SAP) to satisfy the objectives of the sustainability initiative
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 27
29. Framework for a Corporate Sustainability Program / 2
Phases, tasks, and deliverables generally consider the following — starting with Planning and Project
Preparation, which is the first phase of the ASAP methodology and approach.
Generally successful sustainability programs follow ASAP, leveraging the planning phase
to identify key objectives from the requirements documents
– Select a preferred sustainability solution path
– Develop an implementation plan
Typically the Project Preparation phase may be reflected as a sequence of tasks defined
by deliverables that meet key sustainability objectives
At the end of the Project Preparation phase, the company should be ideally positioned to
continue immediately with the subsequent phase (Business Blueprint) through the
remaining phases of the sustainability program initiative, culminating in Go-Live and
Support
Key success factors to maximize value
realization from an SAP solution
– Scope management
– Sound architectural principles
– Stakeholder alignment
– Organizational change management
– Risk management
Newport Consulting Group, LLC Corporate Sustainability Reporting using SAP GRC 28