Governance, Risk and Compliance Management SAP Solutions for GRC. Holly Roland GRC Solutions Marketing SAP

Transcription

1 Governance, Risk and Compliance SAP Solutions for GRC Holly Roland GRC Solutions Marketing SAP

2 Fragmentation increases risk Managing risks is everyone s job Board, Audit Committee Executive compensation practices SALARIES Executives & Managers Incomplete global risk profile Compliance / Risk Office Disconnected risk analysis IT Operations Data leakage & security Procurement Supplier black lists? Sales, Finance Complex, international compliance requirements Human Resources Employee safety compliance Service High credit risk customers Supply Chain Customers & Channel

3 Unidentified risks impact performance National Headlines Agency Delayed Reporting Theft of Veterans Data May 24, 2006, New York Times Data Theft at Nuclear Agency Went Unreported for 9 Months June 10, 2006, New York Times Bomb Scare shuts Port s Terminal 18 Aug 18, 2006, The Seattle Times High Tech Manufacturer Violates E.U. Pollution Law Jul 06, 2006, CIO Tech Informer

4 Overcome fragmentation, gain transparency with GRC Board, Audit Committee Evidence for decisions & directives Compliance / Risk Office Integrated risk analysis Procurement Anti-terrorist trade practices IT Operations Secure IT infrastructure SALARIES Executives & Managers Increased confidence in business results Finance Global financial reporting compliance Human Resources Environmental health & safety compliance Sales, Service Balanced credit profile Supply Chain Customers & Channel

5 Implement management by exception Turn GRC into a strategic advantage Cost of GRC Tactical Approach Available for Investment Holistic Approach # of GRC projects

6 SAP Solutions for GRC The framework for a holistic approach to GRC Business Process SAP Solutions for GRC Industry-Specific GRC Cross-Industry GRC GRC Repository: Documentation & Monitoring Access Controls Risk Global Trade Environmen t Process Controls Business Process Platform Business Applications

7 SAP GRC Ecosystem 2 Build the community, deliver best practices, extend the value Business Process SAP GRC Ecosystem 2 SAP Solutions for GRC Industry-Specific GRC Cross-Industry GRC GRC Repository: Documentation & Monitoring Access Controls Risk Global Trade Environmen t Process Controls Business Process Platform Business Applications

8 SAP GRC Repository Central system of record drives governance, increases transparency Governmental Influence Centralizes knowledge base of content contributed from GRC Ecosystem 2 Agencies Performance Measures & Benchmarks BOD & Committee Minutes Best Practices Regulations & Industry Mandates GRC Repository Councils Risk & Control Libraries Corporate Policies & Procedures Control Frameworks (COBIT, JSOX, ) Rationalizes controls against multiple frameworks Stores evidence to support executive decisions and board directives Advisory Services (Auditors, Attorneys) Internal Policies

9 SAP GRC Risk Award-winning application balances opportunity and risk Respond Monitor Actionable, role-based dashboards & alerts Balance cost of risk avoidance and opportunity Balances opportunities with financial, legal, and operational risks Increases accuracy and predictability of risks at all levels of the enterprise Identify & Analyze Collaborate and aggregate across the enterprise Minimizes impact of market penalties from high-impact events Plan Establish risk appetite and thresholds

10 Environmental Product Compliance Compliance for Products - based on SAP Environment, Health and Safety Cross-Industry Industry Specific Occupational Health Industrial Hygiene and Safety Hazardous Substance Product Safety Dangerous Goods Waste Emissions Product Compliance SAP xem Emissions CfP Compliance for Products SAP EH&S Comprehensive and complete business solution for environment, health and safety management Implemented Design for Environment & Compliance to reduce operational costs (by 505 in some areas) while staying compliant Simplified environmental reporting and transparency

11 Cross-Industry GRC Secure and expedite cross-border transactions 35 documents for cross-border shipments 600 trade laws 500 trade agreements Avoid delays at borders to ensure fast delivery to customers Expedite customs clearance to reduce costly buffer stock Make the most of international trade agreements Take advantage of export refunds SAP Global Trade Services Ensure full regulatory compliance, expedite customs clearance, mitigate financial risk of global transactions, take full advantage of international trade agreements Export Import Trade Preference Restitution

12 Effective GRC pays off Share-price performance of companies complying with internal-control rules called for under SOX Up 27% Up 25.7% Reported I-C weakness in both 04 and 05 No I-C weaknesses in 04 or 05 I-C weakness in 04, but none in 05 Down 5.7% Source: Wall Street Journal, Lord & Benoit, LLC

13 Automated GRC management will increase the gap in shareholder value Up 30% Up 20% Continued Internal Control weakness reported No Internal Control weaknesses Remediated Internal Control weaknesses from previous year Down 10%

14 SIMPLICITY A holistic solution for governance, risk and compliance management SAP s Commitment Industry-Specific GRC Cross-Industry GRC Access Controls Business Process SAP Solutions for GRC GRC Repository: Documentation and Monitoring Risk Global Trade Environment Process Controls Service Partners Technology Partners Content Partners Most Comprehensive Framework Part of Every Process Risk Intelligence GRC Partner Ecosystem Business Process Platform Business Applications

15 Governance, Risk and Compliance SAP Solutions for GRC