Governance, Risk & Compliance

Increased regulation, and significant technology and business transformation holds ramification for GRC teams and strategy. Content in this category targets risk, audit, and compliance leaders and their teams. We will explore best practices from process perspective, but also delve into how organizations are using both SAP and third-party solutions to manage risk, user access, security, data protection and privacy and support their overall controls environment. Explore best practices, and case studies that will help your organization improve their current compliance initiative, apply leading edge technology, and get greater visibility into the key risks and vulnerabilities that impact your organization.


  1. GRC for SAP S/4HANA and Cloud Applications Research Report

    Reading time: 1 mins

  2. Managing the Identity Life Cycle in Hybrid SAP Environments

    Managing the Identity Life Cycle in Hybrid SAP Environments

    Reading time: 13 mins

  3. firefighter

    Brighthouse Financial Accelerates User Provisioning Cycles

    Reading time: 4 mins


  1. Deloitte Corporate logo image


    Reading time: 4 mins

    Before integrating Saviynt’s Identity Governance and Administration (IGA) solution and SAP Access Control, Brighthouse Financial ran an entirely manual user provisioning process using an access request feature in SharePoint. This case study explains how the Fortune 500 company improved their user provisioning processes for SAP products with SAP Access Control and then implemented Saviynt’s IGA…
  2. Avoid Audit Problems by Building Controls as Part of Your Implementation Life Cycle

    Reading time: 25 mins

    /GRCTo have an efficient and effective control design process, certain risk and control activities need to occur during the implementation process. These activities reduce the potential for audit issues and minimize future rework. By following this strategy you significantly increase the likelihood of having a successful implementation and a pain-free audit. Key Concept Controls are…...…
  3. SAP GRC Global Trade Services Eases Product Classification

    Reading time: 9 mins

    Discover how you can use the classification tool available in SAP Governance, Risk, and Compliance Global Trade Services to maintain and assign the export/import classification, Commodity Code, and the Harmonized Tariff System. Key Concept An Export Control Classification Number (ECCN) is a specific five-character alpha-numeric number used to identify the level of control for an…...…
  4. Key Facts Every Company with Canadian Connections Needs to Know About Legal Deductions

    Reading time: 16 mins

    Learn how your SAP system helps you to complete legal deductions in Canada for federal and provincial taxes, the Canada Pension Plan/Québec Pension Plan (CPP/QPP), and Employment Insurance (EI). Key Concept If your company is located in Canada, has recently opened a division there, or has hired Canadian employees, you must account for the legal…...…
  5. Get Your System Clean with Compliant User Provisioning

    Reading time: 22 mins

    Audit-proof your daily user management with SAP GRC Access Control’s Compliant User Provisioning capability. Learn about its main features and see an example of how to set it up for requesting, approving, and providing access to your business target systems. Key Concept Auto-provisioning refers to the automatic creation or change of user IDs and their…...…
  6. Expanded Features for Embargo Searches in SAP GRC Global Trade Services

    Reading time: 5 mins

    Discover the expanded functionalities and flexibility of embargo checking in SAP GRC Global Trade Services. See how easy it is to make sure you’re not shipping to or from an off-limits country. Key Concept Embargo checking allows you to screen the ship-to country for export transactions and ship-from country for import transactions. It also allows…...…
  7. Get Your System Clean with Risk Analysis and Remediation

    Reading time: 41 mins

    Become and stay Sarbanes-Oxley compliant with Risk Analysis and Remediation. Learn about its main features, technical architecture, and setup. Key Concept SAP GRC Access Control delivers controls that identify and prevent access and authorization risks in cross-enterprise systems. The controls prevent fraud and reduce the cost of continuous compliance and control. SAP GRC Access Control…...…
  8. Configure and Implement the Proper Internal Controls Up Front for an Easier Audit

    Reading time: 31 mins

    Having to go back and change your SAP system or your related business processes to deal with audit concerns takes time away from your daily operations and results in unnecessary distractions. By configuring your SAP system appropriately and designing your related business processes to effectively address your business risks, you can save significant effort. This…...…
  9. How to Prepare for an SAP Audit: What You Need to Do to Ensure a Successful Result

    Reading time: 2 mins

    It’s audit time! Do your employees know what to do? You’re not alone if they don’t. There are books and newsletters and Web sites to tell your auditor what to do, but until now, nothing for the poor “auditee.” That’s about to change. This article, the first in a series, is designed to help SAP…...…
  10. Address Problem Users for Compliance

    Reading time: 14 mins

    Discover how to easily build a role for technical batch or interface users who are very difficult to track — even if they have held SAP_ALL in production for years. Key Concept Every company has cross-functional and cross-technical batch users who run jobs to post data and reorganize tables. They are the do-it-all technical users…...…