Integrating SAP GRC RM, PC and AC: An end-to-end solution


Integrating SAP GRC RM, PC and AC: An end-to-end solution
Antoine Wüthrich, PwC
March 14th, 2013

Agenda
- Partner
- The Need to Optimize
- Value Proposition of an integrated SAP GRC (AC, PC and RM)
- Summary

2011 SAP AG. All rights reserved.

What you should know about PwC

What we do: PwC is the leading professional services firm for:
- Audit services
- Advisory services
- Tax consulting

Who are our clients: Most of the companies running SAP in Switzerland.

We have around 120 SAP experts in Switzerland and 2 300 worldwide.

Neuchâtel, Lausanne, Genève, Bâle, Aarau, Zurich, Winterthur, Saint-Gall, Lucerne, Zug, Berne, Thoune, Coire, Sion, Lugano


What is SAP GRC (Governance, Risk & Compliance)
- Access control (AC): Who can do or see what in SAP?
- Process control (PC): Who did what in SAP and KPIs.
- Risk Management (RM): What are our risks and how are they addressed?
- Global trade (GTS): Are we customs & trade compliant and efficient?

What is SAP GRC (Governance, Risk & Compliance)

Risk Management (RM)
- Formal integration of risk management with strategy
- Repeatable framework to analyze and mitigate risk
- Continuously monitor key risk indicators across strategic objectives

Access Control (AC)
- Segregation of duties
- Fraud, safeguard of assets
- User access management
- Compliance

Process Control (PC)
- Automated control and transaction monitoring to evaluate compliance effectiveness and business process acceptability
- Configuration
- Master Data
- Business transactions

What are the key SAP GRC trends
[Figure: trends for AC, PC and RM. Source: PwC SAP GRC Survey 2012]

Why companies are using SAP GRC Access controls?
- Reduce access risk and fraud
- Reduce the cost of access management
- Reduce the cost of ongoing compliance activities
- Automatically detect and remediate access risk violations
- Streamline requests for multiple systems and embed preventative compliance checks
- Automate compliance reviews of segregation of duties, critical access, and superuser privileges

Source: adapted from SAP


Value proposition: Integrating Process & Access Control in GRC 10

Substantial benefits in visibility, cost, and quality. Benefits include:
1. Continuous monitoring of data, configuration and transactions
2. Rationalizing the number of controls
3. Centralizing compliance management functions
4. Enabling sharing of risks and compliance data functions
5. Increasing accountability for controls
6. Creating a clear path to remediation for all control failures
7. Standardizing issue management practices

Value proposition: Integrating Process & Access Control in GRC 10

How to create value beyond compliance

KPI monitoring: Financial, Operational, Tax

For example:
- Tax ruling checker
- Cash finder
- Closing process
- Data loss prevention
- System usage

- Indication of risk and control issues
- Improved process compliance and standardisation
- Enable benchmarking across business units
- Identify training needs
- Increase SAP ROI
- Improved management information
- Transparency of user behaviour and impact on process efficiency
- Quantify usage over time ensuring benefits are maintained
- Identification of data integrity issues
- Identify SAP functionality not being used

When do companies implement SAP GRC (AC, RM, PC, GTS)

When specific risks arise:
- SAP implementation / optimization
- SAP global roll-out
- SAP outsourcing
- SAP shared service
- SAP competency center
- SAP security redesign
- SSO / IdM project
- Cost pressure on compliance
- After a fraud / compliance issue
- Sensitive data stolen
- New governance rules

Key points to take home
- More and more companies are now using SAP GRC 10.0
- Integrating SAP GRC 10.0 AC, PC and RM brings untapped potential to improve the efficiency of your compliance process
- SAP GRC brings value to your company (NOT just compliance)
- You should expect a positive return on investment when implementing SAP GRC
- PwC can help!

Thank You!

Contact information:
Antoine Wüthrich, Senior Manager
Av. CF Ramuz 45, 1000 Lausanne
Antoine.wuthrich@ch.pwc.com