Companies have to pick there way through a complex web of rules, regulations and standards (for example global and national accounting principles).

The complexity is increasing as we face the potential for global emissions schemes and carbon trading.

We have to keep track of and report on a wide range of issues.

And it’s not just about numbers. Companies trading across national borders, for example, must report on products they move, and comply with quarantine and customs regulations.

Over and above this, companies are keen to establish their credibility with the communities in which they operate, to shareholders, customers and governments. They also want to reduce their operational risks.

Our SAP GRC expertise helps you to:

• Improve your accountability
• Better manage your business risks
• Achieve compliance with the regulations relevant to your business
• Improve operational performance

Governance

Governance is an over arching concept that includes risk and compliance, business ethics, how you conduct your business, and accountability (to whom, and how).

The SAP GRC solution to governance issues is emerging as the parameters of the concept are extended.

Risk and compliance are at the core of SAP’s approach to governance.

Risk

Our GRC expertise can help you to monitor and manage your business risks – to identify and mitigate them. Business risks include, for example, commercial, financial, public, shareholder – anything that could go wrong and threaten your business.

It helps you to identify risks, define mitigation steps, monitor activities and risk profiles, and provide alerts where risk increases.

GRC can also work with other Plaut offerings, such as media monitoring (to scan media for signs of increased risks, such as industrial action or other impacts on suppliers).

Risk monitoring operates on two measures of risk – impact and probability – to produce overall ratings.

Compliance

The compliance component of GRC helps your company to reduce the risk of fraud. It is based on the protocols established in the US Sarbanes-Oxley Act of 2002 (commonly called SOX compliance).

It defines and segregates allocation of duties, and controls authorisations. For example, it will verify the combination of authorisations in a process to ensure that no one within your organisation can create an artificial supplier and make fraudulent payments to themselves.

We can assist you to use SAP Access control to further improve your internal compliance procedures.

Access Control will analyse securities and combinations of authorisations within SAP to detect those that are critical and identify unusual or risky combinations.

It’s all about strategy

The reports produced by the SAP GRC modules are just the beginning. We can work with you to introduce changes to your organisation to address the risks identified by the GRC modules. We can help with process and structural issues, and with introduction of changes to your work force.