Governance, Risk & Compliance

Increased regulation, and significant technology and business transformation holds ramification for GRC teams and strategy. Content in this category targets risk, audit, and compliance leaders and their teams. We will explore best practices from process perspective, but also delve into how organizations are using both SAP and third-party solutions to manage risk, user access, security, data protection and privacy and support their overall controls environment. Explore best practices, and case studies that will help your organization improve their current compliance initiative, apply leading edge technology, and get greater visibility into the key risks and vulnerabilities that impact your organization.


  1. GRC for SAP S/4HANA and Cloud Applications Research Report

    Reading time: 1 mins

  2. Managing the Identity Life Cycle in Hybrid SAP Environments

    Managing the Identity Life Cycle in Hybrid SAP Environments

    Reading time: 13 mins

  3. firefighter

    Brighthouse Financial Accelerates User Provisioning Cycles

    Reading time: 4 mins


  1. Serrala

    Reading time: 4 mins

    Before integrating Saviynt’s Identity Governance and Administration (IGA) solution and SAP Access Control, Brighthouse Financial ran an entirely manual user provisioning process using an access request feature in SharePoint. This case study explains how the Fortune 500 company improved their user provisioning processes for SAP products with SAP Access Control and then implemented Saviynt’s IGA…
  2. Keynote | GRC and Security Spotlight Session

    As the single-source of truth about an enterprise's strategy and operations, SAP S/4HANA is the beating heart of today's modern enterprises. The executive suite increasingly relies upon the CFO and Finance team to deliver strategic, predictive insight to chart a winning business strategy. At the same time cybersecurity and data protection have emerged as the…
  3. Case Study: Innovation in Audit Management – Enabling True Alignment Between Risk & Audit at Equinor

    Driven by the need to effectively translate company strategy, ambitions, and risks into actions and results; Equinor, a multinational energy company with operations in more than thirty countries, is utilizing an integrated performance management and risk solution powered by SAP UI5, SAP BW on HANA, SAP BusinessObjects Lumira, and SAP Analytics Cloud. Taking it one…
  4. Compliance goes digital – new and updated SAP solutions for Internal Controls and GRC

    SAP is now applying its strategy to move towards mobile devices to the GRC. Therefore it has implemented a large portion of the relevant GRC functions on a Fiori Launchpad. These now appear as tiles (on that Launchpad) and offer a unified entry point for all GRC Fiori Apps. Also, each user is able to…
  5. Taking Control of your GRC Destiny: How to Build and Execute a Realistic SAP GRC Compliance Roadmap

    Learn how to shift from a GRC plan that’s reactionary, to one that is proactive and preventative. Dive into the capabilities of SAP’s multiple solutions for GRC and learn how they can be tailored for your current scenarios and also prepare for future needs. Understand the process of building a GRC road map the can…
  6. How ÇİMSA Implemented Access Control 12.0 with Position Based Role Architecture

    In the scope of GRC Access Control and Role Re-design project that we implement at Çimsa, we will share our insights for the implementation of all four sub-modules of GRC Access Control, and also how our position-based authorization approach ensures that the on-boarding and change boarding processes are managed effectively and without manual intervention. In…
  7. Why Everyone’s Segregation of Duties Reports are Wrong

    Even without the COVID-19 pandemic, all organizations need to be as efficient as possible when managing Segregation of Duties (SoD) conflicts. SoD reports are flawed and drive inefficiencies in business processes. The flaws also cause organizations to cut corners and limit their visibility to SoD conflicts. By recognizing the issues with your SoD reports, you…