Integrating SAP GRC RM, PC and AC: An end-to-end solution · •Advisory services •Tax consulting...

Integrating SAP GRC RM, PC and AC:

An end-to-end solution

Antoine Wüthrich, PwC

March 14th, 2013

Agenda

Partner

The Need to Optimize

Value Proposition of an integrated SAP GRC (AC, PC and RM)

Summary

What you should know about PwC

What we do

PwC is the leading professional

services firm for :

• Audit services

• Advisory services

• Tax consulting

We have around 120 SAP

experts in Switzerland and

2’300 worldwide.

Who are our clients

Most of the companies running

SAP in Switzerland.

Genève

Lausanne

Neuchâtel Berne

Lugano

Lucerne Zug

Aarau Zurich

Saint-Gall

Thoune

Winterthur

Agenda

Partner

Summary

What is SAP GRC (Governance, Risk & Compliance)

Access control

Who can do or see

what in SAP?

Risk Management

What are our risks

and how are they

addressed?

Process control

Who did what in

SAP and KPIs.

Global trade

Are we custom & trade

compliant and efficient?

Process Control

Automated control and transaction

monitoring to evaluate compliance

effectiveness and business process

acceptability

• Configuration

• Master Data

• Business transactions

What is SAP GRC (Governance, Risk & Compliance)

Risk Management

• Formal integration of risk management with strategy

• Repeatable framework to analyze and mitigate risk

• Continuously monitor key risk indicators across strategic objectives

Access Control

• Segregation of duties

• Fraud, safeguard of assets

• User access management

• Compliance

What are the key SAP GRC trends

Source: PwC SAP GRC Survey 2012

Why companies are using SAP GRC Access controls?

Reduce access risk and

Reduce the cost of access

management

Reduce the cost of ongoing

compliance activities

Automatically detect and

remediate access risk

violations

Streamline requests for multiple

systems and embed preventative

compliance checks

Automate compliance reviews of

segregation of duties, critical

access, and superuser privileges

Source: adapted from SAP

Agenda

Partner

Summary

1. Continuously monitoring of data, configuration and transactions

2. Rationalizing the number of controls

3. Centralizing compliance management functions

4. Enabling sharing of risks and compliance data functions

5. Increasing accountability for controls

6. Creating a clear path to remediation for all control failures

7. Standardizing issue management practices

Value proposition: Integrating Process & Access Control in GRC 10

Substantial benefits in visibility, cost, and quality. Benefits include:

KPI monitoring

Financial

Operational

For example:

Tax ruling checker

Cash finder

Closing process

Data loss prevention

System usage

Value proposition: Integrating Process & Access Control in GRC 10

How to create value beyond compliance

Increase SAP ROI

Identify SAP functionality

not being used

Transparency of user behaviour and impact on process

efficiency

Quantify usage over time ensuring

benefits are maintained

Identify training needs

Improved process

compliance and standardisation

Identification of data integrity issues

Enable benchmarking across business

units Improved management information

Indication of risk and control

issues

When do companies implement SAP GRC

SAP implementation / optimization

SAP global roll-out

SAP outsourcing

SAP shared service

SAP competency center

SAP security redesign

SSO / IdM project

Cost pressure on compliance

After a fraud / compliance issue

Sensitive data stolen

New governance rules

When specific

risks arise:

Key points to take home

More and more companies are now using SAP GRC 10.0

Integrating SAP GRC 10.0 AC, PC and RM brings untapped potential

to improve the efficiency of your compliance process

SAP GRC bring value to your company (NOT just compliance)

You should expect a positive return on investment when

implementing SAP GRC

PwC can help !

Thank You!

Contact information:

Antoine Wüthrich

Senior Manager

Av. CF Ramuz 45, 1000 Lausanne

Antoine.wuthrich@ch.pwc.com

Integrating SAP GRC RM, PC and AC: An end-to-end solution · •Advisory services •Tax consulting...

Documents

Coke - Auditing Sap Grc

SAP GRC SOD

SAP GRC Access & Process Control

SAP GRC 10 Installation Guide

Sap GRC Basic Information

SAP GRC 99411GRCAC_Installations

SAP GRC AC5.3 - Installation Guide

Implementing an integrated GRC approach with SAP GRC · PDF fileImplementing an integrated GRC approach with SAP GRC Sumit Sanyal(PwC) GRC Conference 26. November 2013 in Moscow

Sap grc nfe 1

SAP IdM - GRC Integration Guide

SAP® GRC GLOBAL TRADE SERVICESfm.sap.com/data/UPLOAD/files/Secure_and_Streamline_Cross-Border... · SAP’s governance, risk, ... The SAP GRC Global Trade Services Application,

Integration of SAP TM with SAP Global Trade Services · Suite Applications SAP Governance, Risk, Compliance (GRC) Global Trade Services ... You have set up SAP Global Trade Services

SAP GRC AC 10 - ASUG Argentinaasug.org.ar/wp-content/uploads/2016/08/SAP-GRC-10.1-PwC-y-SAP.pdf · SAP Región Sur Agenda SAP GRC: Functionalities SAP GRC AC 10.1: Functionalities

SAP GRC GOVERNANCE, RISK & COMPLIANCE · 2018-09-20 · Aspectos que caracterizan SAP GRC La principal ventaja de utilizar SAP GRC es la sincronía que consigue entre los departamentos

Sap grc process control 10.0

COKE SAP GRC Access Controls

SAP GRC FOR FINANCIAL INSTITUTIONS.pdf

GRC Nordic SAP User Management · 2020. 9. 16. · GRC Nordic SAP User Management webinar. SAP Authorisation management ... •Financial reporting reliability •Internal control

Download SAP GRC Tutorial

SAPience 20151201 SAP GRC Integration · PDF fileAgenda Setting the scene GRC – IdM integration GRC – IdM demo GRC – Solution Manager integration Q&A 2 SAP GRC Identity Management