SAP Delivers Best Practices for GRC Access Control Solution
(Archive News Story - Products mentioned in this Archive News Story may or may not be available from the manufacturer.)
Press release date: September 5, 2007
Developed in Conjunction with GRC Customers and Partners, SAP(R) Best Practices Offering for SAP(R) GRC Access Control Accelerates Compliance Implementations, Reduces Risks and Lowers Costs
WALLDORF, Germany, Sept. 5 -- Drawing on the proven, best-in-class implementation expertise of its governance, risk and compliance (GRC) customers and partners, SAP AG (NYSE:SAP) today announced the availability of a new SAP(R) Best Practices offering in support of SAP(R) GRC Access Control, a market-leading application for monitoring and enforcing user access and authorization controls. Leveraging the key learnings and proven implementation know-how of SAP GRC customers and partners across multiple industries and geographies, this new SAP Best Practices offering provides SAP GRC Access Control customers with common out-of-the-box business processes and scenarios, pre-configuration settings, and support, methodologies and documentation to help accelerate their compliance solution implementations while reducing risk and controlling costs.
SAP Best Practices offerings enable customers to benefit from the company's 35-plus years of industry leadership in business applications. SAP customers around the world use SAP Best Practices to fast-track solution implementations, improve operational excellence and accelerate return on investment. This new SAP Best Practices offering has been specifically designed for SAP GRC Access Control, a key component of SAP(R) solutions for governance, risk and compliance (SAP solutions for GRC). SAP GRC Access Control helps prevent fraud and misuse of information and helps maintain compliance with international financial reporting and risk management regulatory mandates. The SAP Best Practices offering for SAP GRC Access Control is immediately available to SAP customers as a free download at http://help.sap.com/bp_grcv152/GRC_US/HTML/index.htm
"We look forward to using the project accelerators from SAP Best Practices for SAP GRC Access Control soon," said Sekhar Palli, senior director, Enterprise Applications at Credence Systems Corporation, a provider of debug, characterization and automatic test equipment (ATE) solutions for the global semiconductor industry. "Even though our project is already underway, we believe the packaged process documentation and guides can accelerate the knowledge transfer to our own project team members and our end users. Working with our implementation partner, DGN Technologies, we look forward to taking advantage of the offering's proven, best-practices approach to implement SAP GRC Access Control where possible, while still providing us the flexibility to tailor and optimize the configurations to our specific requirements."
"The rising number of regulations worldwide is driving the costs of compliance and a need to more efficiently manage internal controls," said Ranvir Singh, president and CEO of DGN Technologies, an IT services and implementation firm. "As an SAP systems integrator, we're seeing considerable demand from our customers for SAP solutions for GRC, including SAP GRC Access Control, to help them navigate this increasingly complex compliance world. SAP Best Practices for GRC Access Control will provide a consistent and proven methodology to fast-track successful implementations, minimize time to compliance and generate faster ROI."
SAP GRC Access Control provides a comprehensive, cross-enterprise set of preventive and detective access controls that enables all corporate compliance stakeholders - including business managers, auditors and IT security managers - to collaboratively define and oversee proper segregation of duties (SoD) enforcement, one of the key controls for regulatory compliance and data privacy. The access control application from SAP addresses critical customer requirements for risk analysis and remediation, enterprise role management, compliant user provisioning and superuser access management. Hundreds of companies worldwide use SAP GRC Access Control to help them manage their compliance process for access and authorization control and remain compliant with an increasing number of regulatory mandates.
"We've begun using the new SAP Best Practices offering for SAP GRC Access Control with our clients, and already we're seeing a significant increase in implementation speed, efficiency and results," said Harry Sandhu, president of Savera Systems, a GRC consultancy and systems integrator. "There's no more reinventing the wheel. With SAP Best Practices, from the get-go we're able to leverage a proven, turnkey, highly flexible framework that saves considerable time, money and resources on deployment, allowing our team and our clients' staff to focus on other important business priorities."
SAP Extends Position as Compliance Market Leader
Leading companies around the world are increasingly turning to SAP to help them meet their compliance needs. In the past year, the number of new SAP GRC Access Control customers has more than doubled, with particular strength seen in the consumer products, high tech, chemicals, oil and gas, life sciences, and utilities industries. SAP GRC Access Control is available and being used by leading organizations in all major geographic regions.
"Due to the increasing complexity of regulations and the damage that non- compliance can cause companies, we continue to see a sharp rise in demand for our GRC solutions, with SAP GRC Access Control being one of the most requested solutions within the SAP GRC portfolio," said Narina Sippy, senior vice president and general manager, Governance, Risk and Compliance Business Unit, SAP AG. "True to our mission to provide best-of-class solutions for GRC by combining business-critical applications with deep industry expertise, we've added the new SAP Best Practices offering for SAP GRC Access Control to further enhance our offering and safeguard our customers' success."
SAP GRC Access Control has been evaluated in recent months by leading industry analyst firms. In February 2007, Gartner rated SAP as a "Strong Positive," the firm's highest rating possible, in its "MarketScope for Segregation of Duties Within ERP, 2007" report.(1) In Forrester Research's "Segregation of Duties: A Building Block for Enterprise IT Controls" report, issued in March 2007, the independent analyst firm evaluated eight application controls monitoring and automation vendors for their ability to meet four critical criteria, with SAP successfully meeting all requirements and lauded for its "strength in access controls and SoD for the SAP environment."(2)
About SAP Solutions for GRC
SAP solutions for governance, risk and compliance (SAP solutions for GRC) promote business viability by unifying corporate strategy, control initiatives, opportunity discovery and loss mitigation across the extended enterprise. A unified approach to GRC overcomes the challenges of driving corporate strategy, regulatory compliance and risk management across disconnected systems, regions and functions, creating increased business performance and competitive advantage. SAP solutions for GRC processes are enabled across SAP and non-SAP systems, working together with GRC ecosystem partner content, technology and applications to provide the most effective solution for governance, risk and compliance available today. Currently more than 2,200 companies worldwide use SAP solutions for GRC. For more information about SAP solutions for GRC, please visit http://www.sap.com/grc.
SAP is the world's leading provider of business software*. More than 41,200 customers in more than 120 countries run SAP(R) applications-from distinct solutions addressing the needs of small and midsize enterprises to suite offerings for global organizations. Powered by the SAP NetWeaver(R) platform to drive innovation and enable business change, SAP software helps enterprises of all sizes around the world improve customer relationships, enhance partner collaboration and create efficiencies across their supply chains and business operations. SAP solution portfolios support the unique business processes of more than 25 industries, including high tech, retail, financial services, healthcare and the public sector. With subsidiaries in more than 50 countries, the company is listed on several exchanges, including the Frankfurt stock exchange and NYSE under the symbol "SAP." (Additional information at http://www.sap.com/)
(*) SAP defines business software as comprising enterprise resource planning and related applications such as supply chain management, customer relationship management, product life-cycle management and supplier relationship management.
Copyright (C) 2007 SAP AG. All rights reserved. SAP, R/3, mySAP, mySAP.com, xApps, xApp, SAP NetWeaver and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serve informational purposes only. National product specifications may vary.
For customers interested in learning more about SAP products: Global Customer Center: +49 180 534-34-24 United States Only: 1 (800) 872-1SAP (1-800-872-1727)
1. Gartner, "MarketScope for Segregation of Duties Within ERP, 2007," by Paul E. Proctor, Jay Heiser and Neil MacDonald, February 9, 2007.
The MarketScope is copyrighted 2007 by Gartner, Inc. and is reused with permission. The MarketScope is an evaluation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the MarketScope, and does not advise technology users to select only those vendors with the highest rating. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
2. Forrester Research, "Segregation of Duties: A Building Block for Enterprise IT Controls," by Michael Rasmussen and Paul Hamerman, March 20, 2007.