The leading vendor of enterprise software, based in Walldorf, Germany,
introduced an integrated set of solutions to help enterprises
manage their GRC issues.
The solutions build on existing SAP solutions, as well as applications that
SAP acquired when it purchased compliance solutions vendor Virsa in May.
The first solution, called GRC Repository, will allow companies to document
and maintain GRC information, such as corporate policies, board of director
minutes, regulations, compliance, control frameworks and key business
processes in a central system of records.
executive vice president and general manager of suite optimization products
and technology at SAP, said that consultants in the compliance arena, regulatory bodies and
other vendors will also be able to contribute to this repository.
The second solution, GRC Process Control, automatically aggregates business
process risks for the entire enterprise, provides supporting evidence of
compliance, pinpoints control violations to prioritize corrective action and
prevents material weaknesses from developing and persisting.
The software will integrate automated control monitoring for SAP and non-SAP
“It allows companies to manage hugely heterogeneous landscapes,” noted
The third component of the offering, GRC Risk Management, helps enterprises
implement collaborative risk-management processes.
Merritt said the solution will help risk managers and business owners
identify financial, legal and operational risks, analyze business
opportunities in light of these risks, and develop appropriate responses.
The key to all three solutions, the company said, is that they give
line-of-business executives greater visibility of how governance and risk-management policies are implemented and followed in the course of doing