SAP AG has expanded its portfolio of solutions designed to help large and small enterprises manage governance, risk and compliance (GRC). SAP said it will be adding three new products to its robust GRC offering. It is delivering a unified foundation that allows for a comprehensive GRC solution, which provides proactive transparency across the entire enterprise. SAP also announced a strategic relationship in North America with Cisco Systems, Inc. to enhance the effectiveness of SAP solutions for GRC by taking advantage of the Cisco Service-Oriented Network Architecture (SONA) within the IT network infrastructure.
SAP solutions for GRC deliver integrated applications that manage business process and IT infrastructure risks as well as operational and corporate-level risk across the entire enterprise. SAP three new applications include SAP GRC Repository, SAP GRC Process Control and SAP GRC Risk Management.
"IDC believes that effective governance, risk and compliance management requires an ecosystem of solutions that form a platform that can be leveraged across multiple initiatives," said Kathleen Wilhide, research director for Compliance and Business Performance Management (BPM) Solutions research, IDC. "By combining legacy solutions with the product portfolio of SAP's recent acquisition of Virsa, SAP offers the opportunity for organizations to integrate flexible governance, risk and compliance capabilities and implement processes that support continuous governance and enhanced performance."
- SAP GRC Repository will document and maintain GRC information in a single central system of record, including corporate policies, board of director minutes, regulations, compliance and control frameworks as well as key business processes. SAP GRC Repository will also store and link risk and control libraries to multiple control frameworks and to international regulations. This centralization of key GRC information simplifies risk management, promotes business transparency and cuts the costs associated with GRC initiatives.
- SAP GRC Process Control will offer a risk-based approach that aligns key controls to business risks to promote desired employee behavior and optimize business processes. The process control application will automatically aggregate business process risks for the entire enterprise, provide supporting evidence of compliance, pinpoint control violations to prioritize corrective action and prevent material weaknesses from developing and persisting. The software will integrate automated control monitoring for SAP and non-SAP applications.
- SAP GRC Risk Management will help customers to implement collaborative risk management processes that provide a thorough analysis of key business risks at multiple levels of the enterprise, across organizational entities, business processes and IT infrastructure. SAP has designed intuitive and collaborative processes to guide professional risk managers and business owners in identifying financial, legal and operational risks, analyzing business opportunities in light of these risks, and developing appropriate responses.