1. Governance, Risk & Compliance SAP Live and Local Webcast Tour ‘08 5 June, 2008 [email_address]
2. Fragmentation Managing with confidence is difficult in an increasingly complex world Board of Directors Finance Legal Sales Contracts HR Controller IT Policy Mgmt. Audit & Compliance Treasury Australia U.S.A Japan U.K. France China Germany India Compliance Compliance Compliance Compliance Compliance Governance Compliance Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Risk Mgmt. Governance Security Proj. Mgmt. Doc. Mgmt. Contracts Planning Customers ERP Production Billing ASX Principle 7 CLERP 9 Credit Risk Human Capital Risk Segregation of duties SOX ROHS WEEE Project Risk Compliance Risk Mgmt. Governance
3. Integrated GRC Forward looking organizations are seeking a unified approach to GRC Australia U.S. A. Japan U.K. France China Germany India Compliance Compliance Compliance Compliance Compliance Governance Compliance Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Governance Risk Mgmt. Risk Mgmt. Risk Mgmt. Governance Compliance Risk Mgmt. Governance Security Proj. Mgmt. Doc. Mgmt. Contracts Planning Customers ERP Production Billing Board of Directors Finance Legal Sales Contracts HR Controller IT Policy Mgmt. Audit & Compliance Treasury ASX Principle 7 CLERP 9 Credit Risk Human Capital Risk SOX ROHS WEEE Project Risk Segregation Of Duties
4.
5. SAP GRC Access Control Sustainable prevention of segregation of duties violations Cross-enterprise library of best practice segregation of duties rules Compliant User Provisioning Prevent SoD violations at run time Superuser Privilege Management Close #1 audit issue with temporary emergency access Periodic Access Review and Audit Focus on remaining challenges during recurring audits (Stay in Control) (Stay Clean) Risk analysis, remediation and prevention services Enterprise Role Management Enforce SoD compliance at design time Risk Identification and Remediation Rapid, cost-effective and comprehensive initial clean-up (Get Clean) Minimal Time To Compliance Continuous Access Management Effective Management Oversight and Audit
6.
7.
8.
9.
10. SAP GRC Access Control Compliant Provisioning Enables Compliant End-to-End Provisioning “ hire to retire” Current Approach—Inefficient, Not Compliant email email spreadsheets, paper forms spreadsheets, paper forms Access Request Manager Approval Role Owner IT Security Manual Provisioning