SAP grc

Governance, Risk & Compliance SAP Live and Local Webcast Tour ‘08 5 June, 2008 [email_address]

Fragmentation Managing with confidence is difficult in an increasingly complex world Board of Directors Finance Legal Sales Contracts HR Controller IT Policy Mgmt. Audit & Compliance Treasury Australia U.S.A Japan U.K. France China Germany India Compliance Compliance Compliance Compliance Compliance Governance Compliance Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Risk Mgmt. Governance Security Proj. Mgmt. Doc. Mgmt. Contracts Planning Customers ERP Production Billing ASX Principle 7 CLERP 9 Credit Risk Human Capital Risk Segregation of duties SOX ROHS WEEE Project Risk Compliance Risk Mgmt. Governance

Integrated GRC Forward looking organizations are seeking a unified approach to GRC Australia U.S. A. Japan U.K. France China Germany India Compliance Compliance Compliance Compliance Compliance Governance Compliance Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Risk Mgmt. Governance Compliance Risk Mgmt. Governance Security Proj. Mgmt. Doc. Mgmt. Contracts Planning Customers ERP Production Billing Board of Directors Finance Legal Sales Contracts HR Controller IT Policy Mgmt. Audit & Compliance Treasury ASX Principle 7 CLERP 9 Credit Risk Human Capital Risk SOX ROHS WEEE Project Risk Segregation Of Duties

SAP Solutions for GRC A unified solution for GRC management ,[object Object],[object Object],[object Object],Business Process Platform Cross-Industry GRC Risk Management Risk Management Business Applications Compliance & Controls Industry-Specific GRC GRC Repository Environment Access Control Global Trade Process Control Life Sciences High Tech Chemicals Oil & Gas Banking Business Process

SAP GRC Access Control Sustainable prevention of segregation of duties violations Cross-enterprise library of best practice segregation of duties rules Compliant User Provisioning Prevent SoD violations at run time Superuser Privilege Management Close #1 audit issue with temporary emergency access Periodic Access Review and Audit Focus on remaining challenges during recurring audits (Stay in Control) (Stay Clean) Risk analysis, remediation and prevention services Enterprise Role Management Enforce SoD compliance at design time Risk Identification and Remediation Rapid, cost-effective and comprehensive initial clean-up (Get Clean) Minimal Time To Compliance Continuous Access Management Effective Management Oversight and Audit

Risk Analysis, Remediation and Prevention Services Delivers 24/7, real-time compliance by stopping security and controls violations before they occur Alerts Framework Reporting Reporting Real-time Simulation Mitigation Management Remediation Management Critical Transaction Monitoring Real-time SoD Risk Analysis Cross-Application Integration Risk Identification Elimination Prevention Mandatory Prevention Access Risks Services Cross-Enterprise Rules Architect Cross-Enterprise Rules Database Rules Access Risks Library ,[object Object],“ SAP GRC Access Control, with its comprehensive preconfigured rule set, reflected deep expertise within SAP that would have taken us a very long time to replicate.” Synopsys Inc.

Risk Analysis and Remediation Getting clean Reporting Risk Elimination Risk Identification Prevention End-to-End Automation Initial Risk Analysis and Remediation ,[object Object],“ The clean-up process has brought a tremendous degree of discipline to the way we think about and manage user access and authorizations.” Synopsys Inc.

Enterprise Role Definition Enables enterprise role definition and maintenance in a single location Centralized Role Management Across applications Enterprise Rules Audit log SAP GRC Access Control ,[object Object],[object Object],[object Object],[object Object],28% time savings in role management Customer Survey, 3/2006 Compliant enterprise roles Role … Role Role Role Role Role Role Role Role Role

SAP GRC Access Control Superuser Access Management Key Functionality Alert Framework Date Restrictions ID Administration Audit Logs Security Notification Reporting Reporting The only compliance-focused emergency access solution Compliant Superuser Access Privileged Access Firecall ID SD Firecall ID MM Firecall ID FICO Firecall ID . . . New Session New Session New Session New Session Superuser ,[object Object],[object Object],[object Object],[object Object],Log-in Restrictions Single User per ID Specific Authorization Access Log Log Log Log

SAP GRC Access Control Compliant Provisioning Enables Compliant End-to-End Provisioning “ hire to retire” Current Approach—Inefficient, Not Compliant email email spreadsheets, paper forms spreadsheets, paper forms Access Request Manager Approval Role Owner IT Security Manual Provisioning

GRC Access Control Compliant Provisioning Compliant Provisioning with Dynamic Workflow Path Workflow—based on request type and user attributes Escalation Workflow Exception Workflow 100% Automated HR Event Employee Hired/Retired Via e-mail 1 “Click” Preventive Simulation 100% Automated ,[object Object],[object Object],[object Object],[object Object],“ We reduced provisioning from 2 weeks to 2 days” – Web Seminar Rockwell Collins, 3/2005 Request Generated Automated Provisioning Mgr Approval Risk Analysis … … …

[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],GRC Access Controls

Our offer to you ,[object Object],[object Object],[object Object]

SAP grc

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (6)

Similar to SAP grc

Similar to SAP grc (20)

Recently uploaded

Recently uploaded (20)

SAP grc