Home Page > Case Studies > SAP GRC Implementation

SAP GRC Implementation

Intro
Service and document management company with a large, global presence needed to minimize cost of compliance reporting, reduce risky access monitoring, and Implementation of more effective SoD detection and prevention capabilities.

Challenges
Current organisation needed to improve monitoring of compliance. There was a requirment to have  Access Controls, Process Controls and Risk Management modules in the same system and share common master data elements between them to produce a much more tightly integrated solution.

Scope

  • Cross platform Segregation of Duties matrix

  • Emergency privileged access management

  • Preventive Risk management

  • User access request workflow

  • Automated user provisioning

Key learnings

  • Engagement of Business to feed into SoD matrix is key

  • Internal controls buy-in is essential

  • Adequate training and communication brought real success   

  • Robust GRC integrated  process and procedures

Key facts

  • Total Project Time: 18 months

  • Central IT Investment Cost: (£350K)

  • Achieve compliance cost reduction

  • Audit confidence on SoD management and monitoring, eventually reduced audit cost

Share |