SAP BusinessObjects GRC Access Control 10.0 - New Feature Highlights and Initial Lessons Learned
Organizations evaluating technology solutions to enhance their governance, risk and compliance (GRC) processes have an updated offering from SAP to consider: SAP BusinessObjects GRC Access Control version 10.0 (GRC 10.0). This product suite helps risk and compliance teams improve their ability to work with the business by managing risks and controls pervasively and within a single platform. In GRC 10.0, three cornerstone products – Access Control (AC), Process Control (PC), and Risk Management (RM) – are integrated, allowing for pervasive risk management across business processes and user access provisioning activities by improving key automated monitoring and risk reporting capabilities.
The AC product simplifies the remediation and mitigation of segregation of duties (SoD) risk by integrating PC controls and functionality when managing and assigning compensating controls (both automated and manual). AC also allows central management of Firefighter IDs across multiple enterprise resource planning (ERP) systems, streamlines the temporary super-user access log review process by adding workflow capabilities, and enables “business” concepts within the role design and provisioning process.
The PC product simplifies and enhances the process to define and set up automated monitoring of controls and workflow alerts, including monitoring of transactional records and configuration changes. The PC product also provides capabilities around content lifecycle management (CLM), which allows import and export of risk and control libraries across GRC environments. Lastly, the RM product brings risks and controls together by enhancing the integration with AC and PC into a single enterprise risk management platform that provides summarized views representing the different organizational risks and related automated, manual, and security controls from a business process perspective.