Mar 16-19, 2026Las Vegas, Nevada, NV
SAP GRC
Featured Insiders
Upcoming Events
SAPinsider Las Vegas 2026
Related Vendors
What is SAP GRC?
Governance, risk, and compliance (GRC) is a vital set of functions for enterprises to maintain secure and audit-friendly environments while being more confident in their actions. For SAP customers, SAP GRC can mean a set of GRC products provided by SAP itself or the GRC activities and technologies related to SAP systems.
What is SAP GRC?
Governance, risk, and compliance (GRC) is a vital set of functions for enterprises to maintain secure and audit-friendly environments while being more confident in their actions. For SAP customers, SAP GRC can mean a set of GRC products provided by SAP itself or the GRC activities and technologies related to SAP systems.
GRC is growing in importance with rapidly changing regulations that create new compliance challenges. Security and financial risks are also on the rise as companies adopt more cloud technologies, enact bring-your-own-device policies, and enable remote workers in greater numbers.
SAP GRC tools are available to help with areas of risk management, process control, financial compliance, threat detection, identity management, privacy governance, and more. SAP partners and other vendors that provide GRC solutions and consulting services include Appsian Security, Fastpath, and Soterion.
Key Considerations for SAPinsiders:
- Take inventory of your GRC processes and automate wherever possible. In our most recent GRC State of the Market research, successful GRC organizations are focused on automation to streamline processes. To do this, processes being automated need to be repeatable and effective. Before investing in GRC automation technology, it’s best to get processes in line. Many companies are automating the process of keeping track of who makes changes to the SAP systems.
- Digital transformation offers the opportunity to rethink GRC processes. If your company is implementing new software such as SAP S/4HANA, it’s smart to use that project as a catalyst to examine key GRC processes and find out how they can be improved. For example, HP set up a new GRC system during its SAP S/4HANA migration, including rethinking its user access processes and segregation of duties (SoD) ruleset. In the past HP relied on a homegrown tool for access control but implemented SAP Access Control and SAP Process Control as a component of its SAP S/4HANA migration.
- Determine the present and future state of remote work at your company, and how that impacts risk and security. Many companies have gone more remote in the past two years. For GRC groups, this provides more challenges for user access and opens companies up to more cyber threats. Map out your remote working landscape and determine what processes and tools you have in place to reduce risk.
97 results
Case Study: Pfizer’s SAP GRC Manual Control Performance governance, maintenance, and operationsOct 21, 2020 — Attend this session to learn how Pfizer, one of the world's largest pharmaceutical companies, manages, operates, and maintains the Manual Control Performance solution within SAP Process Control. Take a deep dive into critical paths, key decisions, process designs, and technical solutions that management should know and consider to successfully operate and maintain Manual Control Performance. Attend this session to:
- Learn how to maintain and manage the MCP operations and change requests
- Discover how to mitigate potential issues and limitations within the change management process and technical solutions •See how to build custom solutions to enhance the MCP job scheduling process and MCP reports
- Learn how to create and customize manual steps within SAP PC to satisfy various control scenarios and update control performers and approvers using transaction code: grfn_ctrl_perf
- Take home a document with popular SAP PC tables used to review and monitor Manual Control Performance
1 minute read
Mitigate Foreign Trade Payment Compliance Risk Using the Cockpit for Documentary PaymentsMar 31, 2017 — Learn how the Cockpit for Documentary Payments can be used to facilitate international customers’ payment compliance, thereby reducing the risk of doing foreign trade. Follow steps to implement the Documentary Payments component in SAP sales and distribution (SD). Key Concept The Cockpit for Documentary Payments provides automated financial documents to facilitate payment guarantee procedures required […]
33 minute read
Assessing and Enhancing ITGC during SAP S/4HANA TransformationMar 29, 2023 — Click Here to View the Session Deck Ulta has a unique liaison team between the implementation team and the Internal Audit team that brings the right mix of business and technology to provide a practical view to achieving ITGC compliance. View this session deck to learn: How Ulta enabled a compliance team to prepare the […]
1 minute read
From Legacy to HANA: How SAP GRC 2026 Redefines Compliance and Data GovernanceNov 13, 2025 — Migration to SAP GRC 2026 on HANA offers an opportunity to revamp compliance and governance in ERP systems by providing real-time risk analytics, integrated control processes, and automation, resulting in faster reporting and stronger security measures.
5 minute read
Case Study: Inside Stericycle’s successful transformation projectOct 21, 2020 — Stericycle’s Project Monarch has successfully transformed over 500 business system processes to a harmonized landscape of just over 50 within four core applications. This has helped reduce customer invoicing from days/weeks/months to seconds/minutes/hours; shorten financial closes from over 28 days to less than a week; and drive management of indirect spend from less than 10% to more than 90%. In addition, attendees to this session will also learn how Stericycle was able to:
- Leverage standard processes to integrate business acquisitions within weeks, rather than months
- Automate and integrate systematic controls to replace manual ones
- Digitize processes to eliminate paper-based systems and add improved accuracy and quality
- Embed real-time data and analytics to replace incorrect, incomplete, and stale data
1 minute read
12 Control Issues That Can Slip Under the Radar — and How to Prevent ThemDec 2, 2016 — Many organizations devote large amounts of time, money, and resources to internal controls testing. Yet in spite of these stringent tests, most businesses suffer from a multitude of controls errors — and many don’t even realize that these errors are occurring. Whether it’s due to user mistakes or intentional misuse, there are a dozen hidden […]
4 minute read
Why Security Timing Determines Success in RISE with SAP TransformationsFeb 2 — Security timing often determines whether RISE with SAP transformations stay on track. This analysis examines how late risk discovery undermines migration, execution, and post–go-live outcomes, and why secure-by-design approaches change delivery discipline.
4 minute read
Manage your SAP Licenses & Authorizations with VOQUZ LabsJan 26 — The video 'Manage Your SAP Licenses & Authorizations with VOQUZ Labs' emphasizes the critical need for effective management of SAP licenses and authorizations to reduce compliance risks and costs, showcasing strategies like the samQ License Optimizer for enhancing inventory clarity and audit risk mitigation.
1 minute read