TOPICS >> Green Accountability | Data Encryption | Governance, Risk and Compliance

Still moving beyond compliance

January 8, 2010 — 9:44am ET | By Jim Kim

The industry tends to gravitate to the same marketing points. Right now, we're all accustomed to the rhetoric that formerly stove-piped processes--such as financial compliance, risk management and governance--all need to be integrated. We've heard it all before. But the marketing point lingers in part because it still resonates with client companies.

It makes a lot of sense to handle GRC as part of a single platform and for that single platform to be integrated with your ERP platform. But most companies are far from that ideal. And most vendors are far from offering a truly all-in-one suite.

Which brings us to SAP. Consultancy Ovum notes the firm's offering is "a combination of in-house development and acquisitions, notably its 2006 purchase of Versa. Today SAP's GRC takes a mainly horizontal approach, with solutions for three main areas: Access control (enforces segregation of duties); process control (monitors key controls for business processes); and risk management (provides risk documentation, monitoring and alerting tools)." But the company is smart enough to extend its SAP-centric data and applications to interact with other environments. Which is smart. This in a microcosm is what's going on at the other macro players, like IBM and Oracle.

For more:
- here's an item

SHARE WITH: