a company. SAP GRC Process Control leverages all this information and links
it to security frameworks like COSO and COBIT and legislation like SOX, so
that companies gain a clear understanding of their control matrix. It also
helps you to avoid redundancies, take controls and reuse them in different
contexts, and identify control gaps.Continuous monitoring......................................................................
SAP GRC Process Control monitors business process controls for fraud,
abuse, and inefficiencies. It continuously checks for weaknesses in master
data and configuration set-ups and flags specific transactions that show
heightened risks across your company’s critical processes, such as procure-
to-pay, order-to-cash, and reconcile-to-report. (See the next section for more
details on the controls for these vital processes.)SAP GRC Process Control helps eliminate false positives by integrating
directly with enterprise applications and enables your company to drill down
on supporting data for faster solutions to problems.Out-of-the-box monitoring.................................................................
SAP GRC Process Control has a predefined rule set for SAP and non-SAP soft-
ware that companies can adjust with their own parameters to create a wide
variety of custom controls. Companies can quickly ramp up and get controls inFigure 7-2:
SAP GRC
Process
Control.