SlideShare ist ein Scribd-Unternehmen logo
1 von 10
Downloaden Sie, um offline zu lesen
>
GRC
A BearingPoint Accelerator
Working closely with the client, we deliver a rigorous and
effective integrated GRC (Governance, Risk and
Compliance) solution – one that is not only right for the
client, but also available for them.
Contents
Market Drivers
Our Approach
Client Benefits
References
Contact
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
Market Drivers
Organizations are facing ever-increasing global, local, and industry-specific regulatory challenges.
These challenges have been cumbersome to meet with manual, non-structured efforts in the past - but
with mounting complexities and quantities of regulatory requirements, this becomes impossible.
Organizations need to structure their compliance activities and consider how automation can help
them manage regulatory compliance effectively.
In some areas, with the availability of automated tools, regulators intensify their regulatory
requirements in such a way that impacted organizations have no choice but to use such automated
tools and processes - for example within the area of Anti Money Laundering.
Beyond the external requirements brought forward by regulators, organizations understand more and
more that GRC is not only a cost and a compliance topic, but it can also help shape a more effective,
more streamlined and more transparent organization.
GRC functions are increasingly becoming integrated within the discipline and they connect across
other disciplines such as the finance function.
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
Market Drivers
Companies face many sources of risk - what
could go wrong, what will go wrong
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
Risk Sources in Context of PESTEL Analysis: Political, Economic,
Social, Technological, Environmental and Legislative.
Supply Stability
• Bankruptcy of suppliers
Information Security
• Swiss National Bank
• LGT
Theft
• Retail companies typically loose about
10 % of products because of theft
Incorrect Financial Statements
• Enron (2001)
• Worldcom (2002)
• Parmalat (2003)
Environmental Risk
• BP Deepwater Horizon (2010)
• Tepko (Fukushima)
Others (Reputation)
• Shell
• Total
• Glencore
Non Compliance (with Regulation)
• Collaboration
External Fraud
• Google (Chinese environment)
• SecureID
Internal Fraud
• Societe General (2008)
• UBS (2011)
• Gate Group
Market Drivers
Fragmented, manual activities increase cost
and fail to provide strategic value
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
Executive Management
Lack of Transparency
• Poor visibility into enterprise risk exposure
• Processes are too reactive and defensive
• Fragmentation limits effectiveness of risk
and compliance initiatives
Compliance, Risk and Audit
Lack of resources
• Limited time and personnel to effectively
manage risk and compliance
• Inefficient and costly manual processes
• Inability to proactively mitigate risk events
Business Owners
Lack of Alignment
• Risk and compliance management processes
are not embedded within the business
• Controls are not aligned to key risks
• Limited risk and compliance influence on
business decisions
Our Approach
Based on our SAP©-based GRC R2Go© solution and our experienced consultants, we provide help and guidance every step of
the way – from the overall GRC strategy to specific actions, for example to maintain the right level of access control. We take an
active collaborative approach across the key stages: scoping, blueprinting, implementation, testing, training, and go live. Early on
in the process, we make sure we truly reflect our client's particular situation and issues so that we have a rich and robust scope
rooted in the business, providing the foundation for a faster, more effective solution.
We are constantly evolving our GRC solution to ensure it keeps pace with the most recent developments and delivers the best
possible support. To this end, we work closely with SAP© to take account of new features and functions of the core GRC
software, so we can build as much as possible into our integrated solution.
Furthermore, we maintain relationships with top software vendors within the GRC market to assist clients in choosing the GRC
platform that best fits their needs.
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
Our Approach
Comprehensive GRC Cycle
CLIENTBENEFITSOUR APPROACHMARKETDRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
Enterprise Risk Management
• Risk Identification
• Risk Response Management
• Risk Reporting
Compliance Management
• Policy Management
• Control Automation
Fraud Management
• Fraud Detection
• Case Management
• Fraud Reporting
IT & Access Risk Management
• Segregation of Duties
• Compliant Identity Management
Client Benefits
With our SAP©-based GRC R2Go© solution, clients can quickly and confidently meet their requirements across four core areas:
Risk Management, Process Control, Access Control and Fraud Management. Uniquely, clients can take all four areas as an
integrated solution to maximize the ease and effectiveness of their risk management and mitigation. We also offer the flexibility
to use one or more areas separately.
Risk catalogues, best practice processes, sample organizational structures and more – we have added a high degree of rich
content across all core areas. This content is drawn from our wide-ranging experience of managing risks across different sectors.
We enable our clients to take advantage of our integrated solution across the entire project lifecycle from scoping to training, to
truly accelerate their GRC initiatives.
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
References
Project details
• Adaptive solution to manage increasing
data amounts and complexity
• Real time reporting and one click
consolidation features
• Integrate GRC cycle from Access,
Compliance and Risk Management
• Understanding Compliance and Risk
Management and bringing expertise
BearingPoint achievement
• Gather the requirements (workshops with stakeholders)
• Align the solution with the key stakeholders
• Build up a specific prototype to visualize potential
solutions
• Assess the financial impacts of key requirements and
illustrate potential solutions
• Close relationship to SAP to discuss enhancements to
product needed to meet requirements
Client results
• SAP GRC 10.0 Process Control and Risk
Management Blueprint
• Prototype equipped with master data
• Business Processes adapted to the needs but
aligned to SAP product capabilities
• Good understanding of the product for the involved
team
• User Management Integration scenario
Project details
• Develop and implement comprehensive
governance for the SAP user- and
authorization management for all
administration entities.
• The chosen software solution ensures
compliance to the SAP governance,
given the complex environment.
• Raise the Internal Control System
awareness.
• Choosing a particular software.
BearingPoint achievement
• Organizing workshops to gather requirements
• Develop a governance document aligned to business
needs
• Develop and implement a SAP GRC AC 10.0
prototype with the following components
- Access Risk Analysis (ARA)
- Access Request Management (ARM)
• Potential implementation scenarios
• Train stakeholders
Client results
• Fully working SAP GRC 10.0 AC prototype
• SAP Governance
• Business and IT rule set for Segregation of Duties
and critical authorizations
• Implementation scenarios and their financial
impact
• Basis for the software decision, linked with
know-how of the client prototype
SAP GRC 10 Process Control/Risk Management blueprint for a leading automotive supply manufacturer
BearingPoint was engaged to implement and integrate the Process Control and Risk Management modules of SAP`s GRC 10.0 solution.
BearingPoint is engaged to establish a GRC infrastructure in the SAP space which includes the definition of a governance, a client specific risk rule set and a SAP GRC 10.0 AC prototype.
Risk analysis concept and implementation in the public services environment
CLIENTBENEFITSOURAPPROACHMARKETDRIVERS REFERENCES CONTACT< >
GRC | A BearingPoint Accelerator
CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT<
Contact
Alexa Haisermann
Partner
BearingPoint Germany
alexa.haisermann@bearingpoint.com
Franz Hiller
Partner
BearingPoint Germany
franz.hiller@bearingpoint.com
GRC | A BearingPoint Accelerator
Oliver Engelbrecht
Partner
BearingPoint Germany
oliver.engelbrecht@bearingpoint.com
About BearingPoint
BearingPoint consultants understand that the world of business changes constantly and that the resulting complexities demand intelligent and
adaptive solutions. Our clients, whether in commercial or financial industries or in government, experience real results when they work with us. We
combine industry, operational and technology skills with relevant proprietary and other assets in order to tailor solutions for each client’s
individual challenges. This adaptive approach is at the heart of our culture and has led to long-standing relationships with many of the world’s
leading companies and organizations. Our global consulting network of 9,700 people serves clients in more than 70 countries and engages with
them for measurable results and long-lasting success.
For more information, please visit: www.bearingpoint.com
© 2015 BearingPoint. All rights reserved

Weitere ähnliche Inhalte

Was ist angesagt?

Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Maxime CARPENTIER
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Demystifying Open Banking
Demystifying Open BankingDemystifying Open Banking
Demystifying Open Bankingaccenture
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityJeff B
 
Embedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyEmbedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyAndrew Smart
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Dawn Yankeelov
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
NQA ISO 27001 A Guide to Annex A
NQA ISO 27001 A Guide to Annex ANQA ISO 27001 A Guide to Annex A
NQA ISO 27001 A Guide to Annex ANA Putra
 
Blockchain HyperLedger Fabric Internals - Clavent
Blockchain HyperLedger Fabric Internals - ClaventBlockchain HyperLedger Fabric Internals - Clavent
Blockchain HyperLedger Fabric Internals - ClaventAraf Karsh Hamid
 
NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...
NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...
NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...Infosec
 
01 - Introduction to Hyperledger : A Blockchain Technology for Business
01 - Introduction to Hyperledger : A Blockchain Technology for Business01 - Introduction to Hyperledger : A Blockchain Technology for Business
01 - Introduction to Hyperledger : A Blockchain Technology for BusinessMerlec Mpyana
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentationalygale
 
Implementing Anti-Money Laundering and Know Your Customer Managed Services So...
Implementing Anti-Money Laundering and Know Your Customer Managed Services So...Implementing Anti-Money Laundering and Know Your Customer Managed Services So...
Implementing Anti-Money Laundering and Know Your Customer Managed Services So...accenture
 

Was ist angesagt? (20)

Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management Solution
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Demystifying Open Banking
Demystifying Open BankingDemystifying Open Banking
Demystifying Open Banking
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
 
GRC
GRCGRC
GRC
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and Sustainability
 
Embedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyEmbedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business Strategy
 
Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity Shaping Your Future in Banking Cybersecurity
Shaping Your Future in Banking Cybersecurity
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
 
Key risk indicators shareslide
Key risk indicators shareslideKey risk indicators shareslide
Key risk indicators shareslide
 
NQA ISO 27001 A Guide to Annex A
NQA ISO 27001 A Guide to Annex ANQA ISO 27001 A Guide to Annex A
NQA ISO 27001 A Guide to Annex A
 
Blockchain HyperLedger Fabric Internals - Clavent
Blockchain HyperLedger Fabric Internals - ClaventBlockchain HyperLedger Fabric Internals - Clavent
Blockchain HyperLedger Fabric Internals - Clavent
 
NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...
NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...
NICE Cybersecurity Workforce Framework: Close your skills gap with role-based...
 
01 - Introduction to Hyperledger : A Blockchain Technology for Business
01 - Introduction to Hyperledger : A Blockchain Technology for Business01 - Introduction to Hyperledger : A Blockchain Technology for Business
01 - Introduction to Hyperledger : A Blockchain Technology for Business
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentation
 
Implementing Anti-Money Laundering and Know Your Customer Managed Services So...
Implementing Anti-Money Laundering and Know Your Customer Managed Services So...Implementing Anti-Money Laundering and Know Your Customer Managed Services So...
Implementing Anti-Money Laundering and Know Your Customer Managed Services So...
 
Coso framework
Coso frameworkCoso framework
Coso framework
 

Andere mochten auch

Revenue Recognition
Revenue RecognitionRevenue Recognition
Revenue RecognitionBearingPoint
 
CPQ - Configure, Price and Quoting Excellence
CPQ - Configure, Price and Quoting ExcellenceCPQ - Configure, Price and Quoting Excellence
CPQ - Configure, Price and Quoting ExcellenceBearingPoint
 
IT Financial Management
IT Financial ManagementIT Financial Management
IT Financial ManagementBearingPoint
 
Global Research: The Connected Industrial Workforce
Global Research: The Connected Industrial WorkforceGlobal Research: The Connected Industrial Workforce
Global Research: The Connected Industrial Workforceaccenture
 
Predictive Maintenance
Predictive MaintenancePredictive Maintenance
Predictive MaintenanceBearingPoint
 

Andere mochten auch (12)

Revenue Recognition
Revenue RecognitionRevenue Recognition
Revenue Recognition
 
LogCOST
LogCOSTLogCOST
LogCOST
 
Cloud Navigator
Cloud NavigatorCloud Navigator
Cloud Navigator
 
Active Manager
Active ManagerActive Manager
Active Manager
 
Lean - ERP
Lean - ERPLean - ERP
Lean - ERP
 
CLU
CLUCLU
CLU
 
CPQ - Configure, Price and Quoting Excellence
CPQ - Configure, Price and Quoting ExcellenceCPQ - Configure, Price and Quoting Excellence
CPQ - Configure, Price and Quoting Excellence
 
IT Financial Management
IT Financial ManagementIT Financial Management
IT Financial Management
 
Global Research: The Connected Industrial Workforce
Global Research: The Connected Industrial WorkforceGlobal Research: The Connected Industrial Workforce
Global Research: The Connected Industrial Workforce
 
IT M&A Advisory
IT M&A AdvisoryIT M&A Advisory
IT M&A Advisory
 
Predictive Maintenance
Predictive MaintenancePredictive Maintenance
Predictive Maintenance
 
Payment Factory
Payment FactoryPayment Factory
Payment Factory
 

Ähnlich wie GRC

Mann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRCMann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRCMann-India
 
Grom Capabilities 2016
Grom Capabilities 2016Grom Capabilities 2016
Grom Capabilities 2016Sue Linder
 
iGrafx | Business Process Management Solution Provider | ProServ UAE
iGrafx | Business Process Management Solution Provider | ProServ UAEiGrafx | Business Process Management Solution Provider | ProServ UAE
iGrafx | Business Process Management Solution Provider | ProServ UAEProServ
 
Chase Cooper Overview
Chase Cooper OverviewChase Cooper Overview
Chase Cooper OverviewAoife Brennan
 
A New Era of Compliance: Innovations in ServiceNow GRC 
A New Era of Compliance: Innovations in ServiceNow GRC A New Era of Compliance: Innovations in ServiceNow GRC 
A New Era of Compliance: Innovations in ServiceNow GRC Aelum Consulting
 
Crafting an End-to-End Pharma GRC Strategy
Crafting an End-to-End Pharma GRC StrategyCrafting an End-to-End Pharma GRC Strategy
Crafting an End-to-End Pharma GRC StrategyCognizant
 
Company Overview
Company OverviewCompany Overview
Company Overviewnetmongers
 
An Introduction to econsys
An Introduction to econsysAn Introduction to econsys
An Introduction to econsysAndrew Redfern
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.
 
Product Development Plan
Product Development PlanProduct Development Plan
Product Development PlanOsama Shaath
 
Cloudway sipm capabilities
Cloudway sipm capabilitiesCloudway sipm capabilities
Cloudway sipm capabilitiesSaumya S
 
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear’s  IT GRC Tools – Key Issues and TrendsMaclear’s  IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear LLC
 
SAM Software Asset Management
SAM Software Asset ManagementSAM Software Asset Management
SAM Software Asset ManagementBearingPoint
 
Acknowledging ServiceNow GRC's Potential for Transformation.pdf
Acknowledging ServiceNow GRC's Potential for Transformation.pdfAcknowledging ServiceNow GRC's Potential for Transformation.pdf
Acknowledging ServiceNow GRC's Potential for Transformation.pdfAelum Consulting
 
Mann-India_Service-Offerings_IS-Mining
Mann-India_Service-Offerings_IS-MiningMann-India_Service-Offerings_IS-Mining
Mann-India_Service-Offerings_IS-MiningMann-India
 
Esouag r12 presentation
Esouag r12 presentationEsouag r12 presentation
Esouag r12 presentationIshtiaq Khan
 

Ähnlich wie GRC (20)

Mann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRCMann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRC
 
Grom Capabilities 2016
Grom Capabilities 2016Grom Capabilities 2016
Grom Capabilities 2016
 
iGrafx | Business Process Management Solution Provider | ProServ UAE
iGrafx | Business Process Management Solution Provider | ProServ UAEiGrafx | Business Process Management Solution Provider | ProServ UAE
iGrafx | Business Process Management Solution Provider | ProServ UAE
 
Chase Cooper Overview
Chase Cooper OverviewChase Cooper Overview
Chase Cooper Overview
 
A New Era of Compliance: Innovations in ServiceNow GRC 
A New Era of Compliance: Innovations in ServiceNow GRC A New Era of Compliance: Innovations in ServiceNow GRC 
A New Era of Compliance: Innovations in ServiceNow GRC 
 
Crafting an End-to-End Pharma GRC Strategy
Crafting an End-to-End Pharma GRC StrategyCrafting an End-to-End Pharma GRC Strategy
Crafting an End-to-End Pharma GRC Strategy
 
Company Overview
Company OverviewCompany Overview
Company Overview
 
An Introduction to econsys
An Introduction to econsysAn Introduction to econsys
An Introduction to econsys
 
GRC– The Way Forward
GRC– The Way ForwardGRC– The Way Forward
GRC– The Way Forward
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field
 
Product Development Plan
Product Development PlanProduct Development Plan
Product Development Plan
 
Cloudway sipm capabilities
Cloudway sipm capabilitiesCloudway sipm capabilities
Cloudway sipm capabilities
 
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear’s  IT GRC Tools – Key Issues and TrendsMaclear’s  IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and Trends
 
SAM Software Asset Management
SAM Software Asset ManagementSAM Software Asset Management
SAM Software Asset Management
 
Acknowledging ServiceNow GRC's Potential for Transformation.pdf
Acknowledging ServiceNow GRC's Potential for Transformation.pdfAcknowledging ServiceNow GRC's Potential for Transformation.pdf
Acknowledging ServiceNow GRC's Potential for Transformation.pdf
 
Software Performance Engineering Services
Software Performance Engineering ServicesSoftware Performance Engineering Services
Software Performance Engineering Services
 
SAP License Services by Crayon Software Experts
SAP License Services by Crayon Software ExpertsSAP License Services by Crayon Software Experts
SAP License Services by Crayon Software Experts
 
Mann-India_Service-Offerings_IS-Mining
Mann-India_Service-Offerings_IS-MiningMann-India_Service-Offerings_IS-Mining
Mann-India_Service-Offerings_IS-Mining
 
CA ITSM & ITAM
CA ITSM & ITAMCA ITSM & ITAM
CA ITSM & ITAM
 
Esouag r12 presentation
Esouag r12 presentationEsouag r12 presentation
Esouag r12 presentation
 

Mehr von BearingPoint

Marketing Operations Grid
Marketing Operations GridMarketing Operations Grid
Marketing Operations GridBearingPoint
 
Transformation Model for leveraging ARTIFICIAL INTELLIGENCE
Transformation Model for leveraging ARTIFICIAL INTELLIGENCETransformation Model for leveraging ARTIFICIAL INTELLIGENCE
Transformation Model for leveraging ARTIFICIAL INTELLIGENCEBearingPoint
 
Business and Data in motion
Business and Data in motionBusiness and Data in motion
Business and Data in motionBearingPoint
 
Planning and Forecasting in Oil & Gas
Planning and Forecasting in Oil & GasPlanning and Forecasting in Oil & Gas
Planning and Forecasting in Oil & GasBearingPoint
 
Opex in Manufacturing
Opex in ManufacturingOpex in Manufacturing
Opex in ManufacturingBearingPoint
 
360° B2B Sales Management
360° B2B Sales Management360° B2B Sales Management
360° B2B Sales ManagementBearingPoint
 
Connectivity for IoT
Connectivity for IoTConnectivity for IoT
Connectivity for IoTBearingPoint
 
Service goes digital
Service goes digitalService goes digital
Service goes digitalBearingPoint
 
Investment Accounting in the Cloud
Investment Accounting in the CloudInvestment Accounting in the Cloud
Investment Accounting in the CloudBearingPoint
 
Investment Data Warehouse
Investment Data WarehouseInvestment Data Warehouse
Investment Data WarehouseBearingPoint
 

Mehr von BearingPoint (15)

Marketing Operations Grid
Marketing Operations GridMarketing Operations Grid
Marketing Operations Grid
 
Transformation Model for leveraging ARTIFICIAL INTELLIGENCE
Transformation Model for leveraging ARTIFICIAL INTELLIGENCETransformation Model for leveraging ARTIFICIAL INTELLIGENCE
Transformation Model for leveraging ARTIFICIAL INTELLIGENCE
 
Business and Data in motion
Business and Data in motionBusiness and Data in motion
Business and Data in motion
 
Planning and Forecasting in Oil & Gas
Planning and Forecasting in Oil & GasPlanning and Forecasting in Oil & Gas
Planning and Forecasting in Oil & Gas
 
Opex in Manufacturing
Opex in ManufacturingOpex in Manufacturing
Opex in Manufacturing
 
Visual Analytics
Visual AnalyticsVisual Analytics
Visual Analytics
 
360° B2B Sales Management
360° B2B Sales Management360° B2B Sales Management
360° B2B Sales Management
 
Factory Navigator
Factory NavigatorFactory Navigator
Factory Navigator
 
Connectivity for IoT
Connectivity for IoTConnectivity for IoT
Connectivity for IoT
 
Lab Optimizer
Lab OptimizerLab Optimizer
Lab Optimizer
 
Service goes digital
Service goes digitalService goes digital
Service goes digital
 
Digital Workspace
Digital WorkspaceDigital Workspace
Digital Workspace
 
Investment Accounting in the Cloud
Investment Accounting in the CloudInvestment Accounting in the Cloud
Investment Accounting in the Cloud
 
Investment Data Warehouse
Investment Data WarehouseInvestment Data Warehouse
Investment Data Warehouse
 
Universal Consor
Universal ConsorUniversal Consor
Universal Consor
 

Kürzlich hochgeladen

Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environmentelijahj01012
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfShashank Mehta
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 

Kürzlich hochgeladen (20)

Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environment
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdf
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 

GRC

  • 1. > GRC A BearingPoint Accelerator Working closely with the client, we deliver a rigorous and effective integrated GRC (Governance, Risk and Compliance) solution – one that is not only right for the client, but also available for them.
  • 2. Contents Market Drivers Our Approach Client Benefits References Contact CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator
  • 3. Market Drivers Organizations are facing ever-increasing global, local, and industry-specific regulatory challenges. These challenges have been cumbersome to meet with manual, non-structured efforts in the past - but with mounting complexities and quantities of regulatory requirements, this becomes impossible. Organizations need to structure their compliance activities and consider how automation can help them manage regulatory compliance effectively. In some areas, with the availability of automated tools, regulators intensify their regulatory requirements in such a way that impacted organizations have no choice but to use such automated tools and processes - for example within the area of Anti Money Laundering. Beyond the external requirements brought forward by regulators, organizations understand more and more that GRC is not only a cost and a compliance topic, but it can also help shape a more effective, more streamlined and more transparent organization. GRC functions are increasingly becoming integrated within the discipline and they connect across other disciplines such as the finance function. CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator
  • 4. Market Drivers Companies face many sources of risk - what could go wrong, what will go wrong CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator Risk Sources in Context of PESTEL Analysis: Political, Economic, Social, Technological, Environmental and Legislative. Supply Stability • Bankruptcy of suppliers Information Security • Swiss National Bank • LGT Theft • Retail companies typically loose about 10 % of products because of theft Incorrect Financial Statements • Enron (2001) • Worldcom (2002) • Parmalat (2003) Environmental Risk • BP Deepwater Horizon (2010) • Tepko (Fukushima) Others (Reputation) • Shell • Total • Glencore Non Compliance (with Regulation) • Collaboration External Fraud • Google (Chinese environment) • SecureID Internal Fraud • Societe General (2008) • UBS (2011) • Gate Group
  • 5. Market Drivers Fragmented, manual activities increase cost and fail to provide strategic value CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator Executive Management Lack of Transparency • Poor visibility into enterprise risk exposure • Processes are too reactive and defensive • Fragmentation limits effectiveness of risk and compliance initiatives Compliance, Risk and Audit Lack of resources • Limited time and personnel to effectively manage risk and compliance • Inefficient and costly manual processes • Inability to proactively mitigate risk events Business Owners Lack of Alignment • Risk and compliance management processes are not embedded within the business • Controls are not aligned to key risks • Limited risk and compliance influence on business decisions
  • 6. Our Approach Based on our SAP©-based GRC R2Go© solution and our experienced consultants, we provide help and guidance every step of the way – from the overall GRC strategy to specific actions, for example to maintain the right level of access control. We take an active collaborative approach across the key stages: scoping, blueprinting, implementation, testing, training, and go live. Early on in the process, we make sure we truly reflect our client's particular situation and issues so that we have a rich and robust scope rooted in the business, providing the foundation for a faster, more effective solution. We are constantly evolving our GRC solution to ensure it keeps pace with the most recent developments and delivers the best possible support. To this end, we work closely with SAP© to take account of new features and functions of the core GRC software, so we can build as much as possible into our integrated solution. Furthermore, we maintain relationships with top software vendors within the GRC market to assist clients in choosing the GRC platform that best fits their needs. CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator
  • 7. Our Approach Comprehensive GRC Cycle CLIENTBENEFITSOUR APPROACHMARKETDRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator Enterprise Risk Management • Risk Identification • Risk Response Management • Risk Reporting Compliance Management • Policy Management • Control Automation Fraud Management • Fraud Detection • Case Management • Fraud Reporting IT & Access Risk Management • Segregation of Duties • Compliant Identity Management
  • 8. Client Benefits With our SAP©-based GRC R2Go© solution, clients can quickly and confidently meet their requirements across four core areas: Risk Management, Process Control, Access Control and Fraud Management. Uniquely, clients can take all four areas as an integrated solution to maximize the ease and effectiveness of their risk management and mitigation. We also offer the flexibility to use one or more areas separately. Risk catalogues, best practice processes, sample organizational structures and more – we have added a high degree of rich content across all core areas. This content is drawn from our wide-ranging experience of managing risks across different sectors. We enable our clients to take advantage of our integrated solution across the entire project lifecycle from scoping to training, to truly accelerate their GRC initiatives. CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator
  • 9. References Project details • Adaptive solution to manage increasing data amounts and complexity • Real time reporting and one click consolidation features • Integrate GRC cycle from Access, Compliance and Risk Management • Understanding Compliance and Risk Management and bringing expertise BearingPoint achievement • Gather the requirements (workshops with stakeholders) • Align the solution with the key stakeholders • Build up a specific prototype to visualize potential solutions • Assess the financial impacts of key requirements and illustrate potential solutions • Close relationship to SAP to discuss enhancements to product needed to meet requirements Client results • SAP GRC 10.0 Process Control and Risk Management Blueprint • Prototype equipped with master data • Business Processes adapted to the needs but aligned to SAP product capabilities • Good understanding of the product for the involved team • User Management Integration scenario Project details • Develop and implement comprehensive governance for the SAP user- and authorization management for all administration entities. • The chosen software solution ensures compliance to the SAP governance, given the complex environment. • Raise the Internal Control System awareness. • Choosing a particular software. BearingPoint achievement • Organizing workshops to gather requirements • Develop a governance document aligned to business needs • Develop and implement a SAP GRC AC 10.0 prototype with the following components - Access Risk Analysis (ARA) - Access Request Management (ARM) • Potential implementation scenarios • Train stakeholders Client results • Fully working SAP GRC 10.0 AC prototype • SAP Governance • Business and IT rule set for Segregation of Duties and critical authorizations • Implementation scenarios and their financial impact • Basis for the software decision, linked with know-how of the client prototype SAP GRC 10 Process Control/Risk Management blueprint for a leading automotive supply manufacturer BearingPoint was engaged to implement and integrate the Process Control and Risk Management modules of SAP`s GRC 10.0 solution. BearingPoint is engaged to establish a GRC infrastructure in the SAP space which includes the definition of a governance, a client specific risk rule set and a SAP GRC 10.0 AC prototype. Risk analysis concept and implementation in the public services environment CLIENTBENEFITSOURAPPROACHMARKETDRIVERS REFERENCES CONTACT< > GRC | A BearingPoint Accelerator
  • 10. CLIENT BENEFITSOUR APPROACHMARKET DRIVERS REFERENCES CONTACT< Contact Alexa Haisermann Partner BearingPoint Germany alexa.haisermann@bearingpoint.com Franz Hiller Partner BearingPoint Germany franz.hiller@bearingpoint.com GRC | A BearingPoint Accelerator Oliver Engelbrecht Partner BearingPoint Germany oliver.engelbrecht@bearingpoint.com About BearingPoint BearingPoint consultants understand that the world of business changes constantly and that the resulting complexities demand intelligent and adaptive solutions. Our clients, whether in commercial or financial industries or in government, experience real results when they work with us. We combine industry, operational and technology skills with relevant proprietary and other assets in order to tailor solutions for each client’s individual challenges. This adaptive approach is at the heart of our culture and has led to long-standing relationships with many of the world’s leading companies and organizations. Our global consulting network of 9,700 people serves clients in more than 70 countries and engages with them for measurable results and long-lasting success. For more information, please visit: www.bearingpoint.com © 2015 BearingPoint. All rights reserved