GRC 2008 Day 2 (Tuesday)

Home

su53 sent a team to the GRC 2008 in Orlando, March 10th – 13th to meet others and to find out the latest developments in the world of GRC. An immediate summary of each day is included here and over the next week we will be publishing analyses of the entire event, the key messages we’re picking up on, and giving details of how to contact us to find out more.

Another great day, meeting some inspirational people, taking time to meet providers of ancillary products that could help our clients, and attending many of the briefing sessions. We’ve also had a good look at the GRC Risk management and Process Controls solutions – more to follow on these below. Today saw a definite increase on the number of visitors to the stand, with a massive range of organisations from ExxonMobil and Nestle to UK based SME’s wanting us to do everything from challenge their global GRC upgrade plans to host GRC for them.

Martyn Proctor & Jasvir Gill, founder of Virsa Systems

Perhaps one of the highlights of the day was talking with Jasvir Gill, founder of Virsa Systems and ex-General Manager of SAP GRC. From thinking security was an issue and suggesting a few tools he could let his clients use, the business developed and within 5 years was acquired by SAP. Jasvir now incubates new businesses and has a passion for supporting businesses, innovation and education. It must be a strange feeling for him to be here and see this massive event all about his brainchild from a relatively few years back.

Later on we had a long discussion with Gary Dickhart, one of SAP’s thought leaders in GRC. This was another lively discussion, sharing ideas about how best to make GRC truly effective and – based on the 200+ implementations he has seen – what makes for success or failure in achieving real risk improvements.

We attended a useful session on Risk Management 3.0. It’s clear that the future landscape will provide management with an overview of the organisational risk which will be updated real time from Access Control, Process Control and even transactional systems, EH&S or CRM. This tool also provides management with a mechanism for quantifying the cost of risk events and gathering statistical trends which help reduce the likelihood and impact of future events. SAP has introduced 200+ KRI’s(Key Risk Indicators). These Key risk indicators are used to identify factors which change the probability of a risk from occurring in the future.

Gary Carter, su53 Solutions

Other sessions we attended during the day included ideas on how to accelerate Process Control and Access Control implementations, an area that su53 Solutions is already passionate about.

In general terms, the whole event has served to highlight to attendees that GRC is all about corporate accountability and that all the tools in the SAP GRC suite all play their part in helping an organisation achieve various aspects of compliance.

We’ve also met the team responsible for GRC support and have agreed to collaborate with SAP on the standard rule-set for Compliance Calibrator. We discussed the different support offerings that SAP can provide and have identified some opportunities for our existing GRC customer base. We’ll be in touch with the details!

[ Back ]

© 2006-2008 su53 Solutions ltd - SAP Security & SAP GRC
SAP® is the registered trademark of SAP AG in Germany and in several other countries.