October 11, 2010 // By: Christiane Stagge // Abiding by the Rules – Digitally
SAP provides GRC solutions from the SAP BusinessObjects portfolio. The products are tailored to the automotive industry, the banking sector, the chemicals and consumer products industries, the healthcare sector, the high tech and electronics industry, and the public sector. The software supports all current standards, including Basel II, the Sarbanes-Oxley Act, and the International Financial Reporting Standards (IFRS).
SAP BusinessObjects Risk Management analyzes, monitors, and documents potential risks. Using the application, you can create standard risk profiles. Because SAP BusinessObjects Risk Management is a business intelligence (BI) solution, you can simulate what-if scenarios. These enable you to analyze risks with regard to their probability and play through new business scenarios. Role-based dashboards tailored to the company’s authorization concept are another interesting feature. When the dashboard is launched, key figures and warning notifications provide information about possible risks.
With the SAP BusinessObjects Process Control application, you can automatically monitor and control business processes such as procurement, order processing, and financial reporting. Where manual control tests are necessary, they are automatically forwarded to the employees responsible.
The SAP BusinessObjects Global Trade Services application helps you reduce the cost and risk of international trade. It supports companies in complying with import and export regulations and fulfilling local and regional requirements. The application also works with non-SAP systems. SAP BusinessObjects Global Trade Services maps global supply chains and supports electronic communication with authorities. Other functions include global import and export processing, trade preference management, and restitution management.
SAP’s portfolio also contains special products for environment, health, and safety management: The SAP Environment, Health, and Safety Management (SAP EHS Management) application helps companies implement environmental directives and supports regulations related to products and materials, while SAP Recycling Administration ensures compliance with worldwide legislation on packaging and batteries, and with the disposal of waste according to the European Union’s WEEE (Waste Electrical and Electronic Equipment) directive.
IT governance is part of corporate governance, and focuses on companies’ information technology systems and their performance and risk management. IT governance deals with all regulations (for example, the principles for proper computer-based accounting systems), processes, and IT resources such as staff, technology, documentation, and personnel availability.
IT risk is the risk connected with information technology that always exists if requirements are not met, for example, if data gets lost. Companies therefore endeavor to keep IT risks as low as possible, using risk management or security management. Special software enables organizations to identify, measure, and manage risks.
IT compliance is the observance of regulations and legislation within a company’s IT systems. Software for security and risk management helps companies abide by the rules. To prove that they meet IT compliance regulations, companies must regularly demonstrate their risk management mechanisms.
When talking about compliance, there’s a distinction between compliance of IT and compliance through IT. Compliance of IT means that all of a company’s IT systems comply with the applicable rules and laws. Compliance through IT means that these rules and laws are mapped in a company’s IT systems, for example, in payroll or the human resources department.