SAP BusinessObjects GRC Technology Foundation Provides Single, Common Architecture Across Business Analytics, ERP and GRC, Helping Organizations Ensure Safe, Compliant and Productive Operations
SAP AG (NYSE: SAP) today announced the availability of its newest release of governance, risk and compliance (GRC) software, providing a single, unified environment for the most comprehensive support for management, monitoring and analysis of enterprise risk and compliance activities. Nearly three years in the making, the new release integrates GRC capabilities into everyday business processes, helping make risk management, regulatory compliance and safe, productive operations a standard and a consistent practice.
The new release introduces a common look and feel across all applications in the GRC suite; embedded business intelligence (BI) reports and dashboards; and a graphical tool to define and depict risks. The new features make the products easier to use and enable people to garner attention to risks from business managers who have limited GRC expertise. By integrating GRC activities into core business processes and applications, executives can manage their businesses proactively and strategically rather than reactively.
The new release of GRC solutions from the SAP® BusinessObjects™ portfolio is the next step in SAP’s business analytics road map to deliver customer-friendly business software that combines best-in-class analytics with proven SAP business applications. The new release unifies all GRC activities on a standard platform and connects easily to other pieces of the business analytics portfolio for far greater transparency, control and support for corporate strategy
The software offers policy management and audit capabilities, granular security controls, enterprise support and the ability to transport and archive data. It thus helps executives overcome the common challenges that result from fragmented and disconnected GRC solutions: poor visibility into risk exposure; processes that are reactive, inefficient, costly or manual; large time and personnel requirements to effectively manage risk and compliance; and lack of alignment from not having risk and compliance processes embedded within the business.
“As organizations grow, they must manage different types of risks and controls to be successful,” said Paul Proctor, vice president and distinguished analyst, Gartner. “They also have to overcome the challenges of increasing audit and regulatory requirements in distributed environments. GRC management software can help companies succeed by automating traditionally manual processes to identify and manage risk so the organization can pursue new opportunities.”
The SAP® BusinessObjects™ Access Control, SAP® BusinessObjects™ Risk Management and SAP® BusinessObjects™ Process Control applications share processes and data, as well as a common, easy-to-use interface, and specifications for different industries and lines of business. This unified approach helps companies gain complete management of all risks and controls from a single environment. Customers also gain the following benefits:
- Optimized strategic performance through real-time analysis of risk across all lines of corporate strategy. With tools to manage risk and compliance effectively, businesses can operate with far greater risk awareness in order to help improve performance.
- Maximized visibility across all risk, compliance, policy and audit initiatives. By automatically monitoring risk and compliance effectiveness, business managers can identify, respond to and proactively prevent potential risks and compliance violations before they occur. Automatic identification and prioritization of risks combined with proactive alerting and escalations allow managers to take immediate action on the most critical risks and compliance violations.
- Increased operational efficiencies to raise the value and help lower the cost of GRC programs. By automating critical risk management, compliance and monitoring activities, organizations can minimize the associated cost and effort required. Additionally, a standardized technology platform drives lower configuration and management costs and allows companies to take advantage of their employees’ existing SAP skills.
- “Bow-tie” builder for defining and configuring risk and risk metrics. Through an easy-to-use interface, people can work collaboratively with a common language to create methodologies for managing and remediating risks. This helps promote a better understanding of the contexts in which risks are to be assessed, and can help make compliance and risk management more strategic initiatives for the overall organization.
- Policy life-cycle management capabilities automate and simplify policy definition and scoping, review and approval, and overall management processes. This enables companies to implement and support collaborative, transparent policy life-cycle management activities.
- Openness for partner-built content, enabling tailored risk and compliance solutions that meet the specific needs of high-risk and highly regulated industries such as financial services, oil and gas, utilities, aerospace and defense, and life sciences. While advancing each core GRC area, SAP has also worked in parallel to create a platform that allows customers to benefit from the domain and content expertise of the vibrant SAP partner ecosystem.
SAP’s GRC Strategy, Solutions Well Received by Customers and Partners Worldwide
“With users located across the globe and multiple SAP systems, managing user access risk effectively is an audit concern for most companies, and Levi Strauss & Co. is no exception,” said Tammy Amirault, vice president, Information Technology, Levi Strauss & Co. “In our effort to improve Levi’s overall compliance strategy and user provisioning model, the centralized capabilities that the new release of SAP BusinessObjects Access Control delivers are very timely and fit extremely well with the SAP global approach at Levi.”
“The opportunity to experience at this year’s SAP GRC conference the capabilities of the new identity management and SAP BusinessObjects Access Control 10.0 confirmed my belief that GRC will continue to serve Westinghouse as a strategic solution for regulatory compliance and effective identity management,” said Matt Tolbert, global manager, Information Security, Westinghouse Electric Company.
Tapping into the substantial catalog of complementary solutions from the SAP partner ecosystem, the SAP BusinessObjects GRC technology foundation incorporates best-practice processes and content for industry- and line of business-specific risk and compliance management. This enables customers to quickly get up to speed with managing the particular risk and regulatory requirements for their businesses and industries. They also can efficiently support new industry requirements as they arise, identifying and aligning specific risks with the necessary supporting policies and procedures.
“Whenever a new risk or compliance issue hits the news, the question on the mind of every executive is, ‘Can this happen to us?’ and SAP BusinessObjects GRC solutions provide the most comprehensive platform for compliance and risk professionals to answer these types of tough questions,” said Jim Dunham, group vice president, GRC Solutions, SAP. “The best-run companies focus on GRC as an enabler of better business performance that can help them protect value and optimize organizational performance.”
As market leader in enterprise application software, SAP (NYSE: SAP) helps companies of all sizes and industries run better. From back office to boardroom, warehouse to storefront, desktop to mobile device – SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable more than 109,000 customers to operate profitably, adapt continuously, and grow sustainably. For more information, visit www.sap.com.
Any statements contained in this document that are not historical facts are forward-looking statements as defined in the U.S. Private Securities Litigation Reform Act of 1995. Words such as “anticipate,” “believe,” “estimate,” “expect,” “forecast,” “intend,” “may,” “plan,” “project,” “predict,” “should” and “will” and similar expressions as they relate to SAP are intended to identify such forward-looking statements. SAP undertakes no obligation to publicly update or revise any forward-looking statements. All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. The factors that could affect SAP’s future financial results are discussed more fully in SAP’s filings with the U.S. Securities and Exchange Commission (“SEC”), including SAP’s most recent Annual Report on Form 20-F filed with the SEC. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of their dates.