SAP has launched a new governance, risk and compliance platform that combines and integrates existing GRC and business...
Although styled as version 10 of the SAP BusinessObjects GRC software, the release is an entirely new platform that pulls together the disparate GRC applications from SAP, says Jim Dunham, head of GRC for SAP.
"This is not an upgrade, but represents a migration to a common platform that allows master data to be shared across Access Control, Process Control and Risk Management," he told Computer Weekly.
"The biggest impact will be on SAP Access Control customers, and we have developed significant utilities to help them make the move," he said.
Licensing will also be easy, he says, because customers will have access to all the same, but enhanced functionality after the migration as they had before.
The platform is designed to help executives overcome the common challenges that result from fragmented and disconnected GRC solutions, he says, such as poor visibility into risk exposure.
SAP claims the platform provides the first single, unified environment for comprehensive support of the management, monitoring and analysis of risk and compliance activities.
According to SAP, executives can manage their business proactively and strategically rather than reactively by having GRC activities integrated into core business processes and applications.
Dunham says SAP's GRC 10 represents the next step in the enterprise software maker's strategy of embedding business analytics in business applications.
While business intelligence reports and dashboards are embedded directly within the GRC platform, he says industry, line-of-business and region-specific enhancements are available from SAP partners through the SAP EcoHub.
Another important innovation, he says, is the visual bow-tie builder, which is a collaboration tool for enabling standard structured risk assessment to improve alignment between GRC activities and business processes.
SAP believes that an integrated GRC platform will help companies move from technological and organisational silos to a more consolidated and mature model in which the value of GRC initiatives to the business increases significantly through use of analytics.