SAP GRC Strategic Solutions

The collaborative effort to align core business components, resulting in sustainable and generally acceptable high practices and principles, is achieved through Governance, Risk and Compliance (GRC). With in-depth knowledge in SAP Human Capital Management (HCM) and SAP Financials (FI), EPI-USE offers strategies to help your organization achieve true business benefits and value across the enterprise, through which the organization manages its adherence to internal guidelines, manages risk exposure and complies to industry and statutory regulation.

Scope

• GRC complies with local and international legislations and regulations across all areas of the organization.
• GRC drives internal and external audit reviews.
• GRC automates and monitors the internal control landscape.
• GRC serves as an early warning system, detecting potential for fraud and risks.
• GRC houses and maintains all the controls and risks identified.
• GRC connects to all ICT systems as a blanket over the entire organization.
• GRC provides specific reports on Auditing tests.
• GRC reports on environmental risks and standards as well as any custom
levels that must be reached.
• GRC includes Audit, Finance, HR and ICT as its primary stakeholders.

Security Services

EPI-USE provides a wide range of Security Services, including wall-to-wall security implementations. These services include:

• Design and implementation of security for SAP ECC, Portal, BI/BW, SRM, SCM, CRM.
• Redesign of security roles to meet new requirements and/or streamline security roles.
• Strategies to simplify security maintenance.
• Conversion to context-sensitive roles for HCM Security.
• Design and implementation of Indirect Role Assignment (aka position-based security).
• Automatic portal role provisioning based upon backend user roles.
• End-to-end user management: from hire to retire and provisioning all the relevant access to perform the jobs in between.

General Benefits

• Executives and Senior Management have access to current customized reports across all business lines.
• Governance interests are overseen throughout the organization structure.
• Risks and controls are kept in a central repository.
• Audit costs are cut as GRC will monitor and report on activities.

"GRC is more than a catchy acronym used by technology providers and consultants to market their solutions – it is a philosophy of business. This philosophy permeates the organization: its oversight, its processes, its culture. Ultimately, GRC is about the integrity of the organization [...]." Corporate Integrity, LLC (2007): What is GRC?