President) runs reports: what controls have run recently, how many failed,
and which business processes are most at risk. The most important of these
reports is always the one that affects a significant account, or anything that
ends up on the income statement.
The reports are available so that companies can measure and analyze their
regulatory compliance. At a board meeting, management will now ask, “How are
we doing with regard to financial compliance?” and having this quick,
up-to-the-minute status will enable them to ascertain how compliant the company is.
Optimization: Barring risk
Finally, the control software should optimize controls by preventing risks from
entering enterprise applications. Companies that implement preventative
measures such as compliant change control (see Chapter 13) and compliant
user provisioning (see Chapter 6) will see a reduction in control violations
because risk never enters the enterprise applications that they use to run
their business.
Getting to Know the SAP Approach: SAP GRC Process Control
SAP GRC Process Control is a single solution for enterprise control
management. It provides centralized control management for automated and manual
controls. It enables management by exception: It prioritizes remediation
activities and gives managers visibility into what is happening in the control
environment. In the next few sections, we look at the highlights of the SAP
GRC Process Control solution.
SAP GRC Process Control provides a single system for automated and manual
controls. It manages financial controls, operational controls, and IT controls
across multiple enterprise systems and aims to improve controls through
regular assessments. Figure 7-2 provides an overview of the bottom-up structure
of SAP GRC Process Control.
Single system of record
To ensure good governance, you need a single system of record. SAP GRC
Process Control includes the SAP GRC Repository, which documents and
stores records for all governance, risk, and compliance information across
136 Part II: Diving into GRC