|
SAP®BusinessObjects GRC Enterprise Risk Management can help organisations to proactively manage their risk throughout the entire risk management life-cycle, including risk planning, risk identification and analysis, risk response and risk monitoring.
By bringing together previously disparate risk management activities, the application helps improve the effectiveness and efficiency of activities and facilitates a consistent, balanced approach towards the management of the entire spectrum of risks across all business activities, across applications and throughout all business areas.
This enterprise wide collaborative approach to risk management enables organisations to better understand their risk profile across the organisation at any given point in time. Greater understanding of the risk distribution across the organisation helps managers at all levels of the organisation to focus on the risks which are important to them and their area of responsibility.
The ability to see an aggregated view of all risks and their status by business area provides managers with the data needed to make informed and calculated decisions; enabling them to take advantage of opportunities when they arise and mitigate negative impacts.
The benefits of implementing SAP®BusinessObjects GRC Enterprise Risk Management are numerous; the following are some of the key benefits:
| Consistency | Risk categories are aligned to strategic objectives at the enterprise level Consistent risk management processes reviewed against best practice; risk identification, definition and analysis, response and monitoring Consistent execution of risk management activities across the organisation Key processes, risk areas and thresholds identified at the enterprise level | | Objectivity | Consistent risk assessment allows for a balanced, objective view of risk across different risk categories, e.g. process related, access related, reputational | | Relevance | Tailoring of risks to different organisational areas increases the relevance and utility of information and activities to management | | Timeliness | Real time information on the status of risks and risk management activities Notification of threshold breaches or frequently occurring risks enables early assessment and intervention | | Automation | Automated risk identification against key indicators Automated monitoring of risks Workflows allow automation of risk analysis, assessments and reviews Integration with SAP GRC Process Controls and Access Controls |
Whilst the current offering focuses on improving the effectiveness and efficiency of risk management activities, the next release (v 3.0 due for ramp up in Q1 2009) extends functionality to enable preventative management of risks. Key features include:
The definition and automatic monitoring of key risk indicators (KRIs) enables early alerting of potential risk events
Risk scenario planning enables what-if analysis of potential future scenarios improving the efficiency and effectiveness of potential responses.
Future developments will extend functionality further towards the prediction of risk events.su53 Solutions is launching several offerings for SAP GRC Enterprise Risk Management.
Full Enterprise Risk Management
This would embrace the full functionality of SAP GRC Enterprise Risk Management, including the implementation of all risk management processes (planning, identification, assessment, response and monitoring) across all processes, systems and organisational areas.
The implementation could be phased, but the outcome would be enterprise, process and system wide.
Key Enterprise Risk management
This offering would focus on key enterprise risks only, therefore whilst implementing all risk management processes, the scope of implementation would focus on critical risks to the organisation only. This could be beneficial to specialist organisations; organisations with inherently skewed risk profiles, or organisations considering an end state partial implementation.
|
SAP® Security and GRC 
