|
su53 sent a team to the GRC 2008 in Orlando, March 10th – 13th to meet others and to find out the latest developments in the world of GRC. An immediate summary of each day is included here and over the next week we will be publishing analyses of the entire event, the key messages we’re picking up on, and giving details of how to contact us to find out more.
Another inspiring day at the GRC conference. Our network of GRC contacts continued to grow. We’ve spent time with some fascinating people, products and ideas:
- Greenlight Technologies has an innovative mechanism for Access Provisioning from SAP Access Control to multiple applications
- Alert Enterprises has taken Access Control to another dimension, bridging the gap between physical and logical access. Imagine an integrated system which considers risks on this level – e.g. which users can print cheques from SAP and also access the cheque printing room? This really is taking Access Control to an entire new level
We had a useful insight into the Enterprise Role Management software tool. We were shocked that only 2 delegates out of 120 attending the session had implemented this functionality and neither were using it in a live environment. It seems that the product is starting to mature, but we’re still a long way from it becoming the norm. We did identify a clever way to leverage Role Expert to facilitate user remediation in a SOD management exercise. Contact us for more details. We also noted the various scenarios when RE could be used to compliment or even replace the back-end profile generator functionality.
The Process control sessions have given a great insight into the new tools. We are excited about the functionality and how the SAP GRC suite will interact to fulfil the risk demands of complex global organisations. The message from the SAP staff has been very consistent. It is clear that the GRC tools are all an integral part of the GRC roadmap. From our discussions with some of the world’s leading brands it is also apparent that customers are no longer thinking about the tools as tactical to meet their short term issues. They are now looking to SAP to enable their risk management and compliance efforts. This is not just about reducing costs, but also increasing agility and competitiveness. In one of the Process Control demos we noted how SAP Process Control was used to integrate a newly acquired business into a global SOX relevant organisation.
The exhibition phase of the conference is now complete. We’ve packed up the stand and retired for the evening. It’s been an exhausting week, but an inspiring one. Can’t wait to bring the rest of the su53 team up to speed on our trip.
|
