by Anurag Barua, Senior Manager
GRC Expert - Volume 3 (2010), Update 4

Learn a few selected application controls in the order-to-cash area and their importance from an audit perspective. Understand mitigation measures in case these controls are inadequate.

by Frank Rambo, Director, Regional Implementation Group (RIG) EMEA, SAP GRC
GRC Expert - Volume 3 (2010), Update 2

Costs for compliance and fraud prevention have risen significantly in recent years and with the current economic situation we’re likely to manage more regulations in the future, further driving costs up. Companies relish efficiency in the GRC space to garner the true benefits of compliance. One means of more efficient compliance is an integrated solution called Risk-Based Internal Control, which helps ensure continuous compliance with regulatory requirements and company policies including government mandates, industry standards, and internal policies.

by Steve Biskie, Founder, SAPAuditSolutions.com
GRC Expert - Volume 2 (2009), Update 1

Having to go back and change your SAP system or your related business processes to deal with audit concerns takes time away from your daily operations and results in unnecessary distractions. By configuring your SAP system appropriately and designing your related business processes to effectively address your business risks, you can save significant effort. This article provides an overview of how to set up your SAP system properly the first time. Learn how understanding common business risks and typical audit concerns and carefully managing the SAP implementation process to account for these risks and concerns can eliminate nearly 90% of all audit findings.

by Frank Rambo, Director, Regional Implementation Group (RIG) EMEA, SAP GRC
GRC Expert - Volume 2 (2009), Update 7

SAP BusinessObjects Access Control identifies and prevents access and authorization risks in cross-enterprise IT systems to prevent fraud and reduce the cost of continuous compliance and control. The User Access Review (UAR) feature of SAP BusinessObjects Access Control 5.3 automates and documents the periodic decentralized user access review by business managers or role owners. It provides a workflow-based review and approval process. Follow a process flow during a UAR to see its business benefits, configuration, recommended usage of the feature, and workflow options.

by Steve Biskie, Founder, ERPAuditSolutions.com
GRC Expert - Volume 2 (2009), Update 6

To have an efficient and effective control design process, certain risk and control activities need to occur during the implementation process. These activities reduce the potential for audit issues and minimize future rework. By following this strategy you significantly increase the likelihood of having a successful implementation and a pain-free audit.

by Raj Behera, Manager, Regional Implementation Group (RIG), SAP GRC
GRC Expert - Volume 2 (2009), Update 5

SAP BusinessObjects Access Control’s Risk Analysis and Remediation (RAR) capability generates the rule library for segregation of duties and performs the access risk analysis for the user. SAP BusinessObjects Process Control manages the controls for each business process. Integrating the two applications allows you to control both of these functions from SAP BusinessObjects Process Control.

by Raj Behera, Manager, Regional Implementation Group (RIG), SAP GRC
GRC Expert - Volume 2 (2009), Update 4

See how to integrate SAP BusinessObjects Access Control and SAP BusinessObjects Process Control. You can optimize reporting practices, consolidate segregation of duties issues, and troubleshoot any potential problems using these two applications.

by Hari Srinivasan, Senior Principal, Inforte
GRC Expert - Volume 2 (2009), Update 3

Follow the setup for building and executing controls in SAP NetWeaver BW in the context of a real-life media-specific business process.

by Thomas Tsan, Owner, TK Consultants, Inc.
GRC Expert - Volume 2 (2009), Update 2

Simplify user provisioning by using a role-based risk control strategy and a four-tier architecture model that weighs the importance of different kinds of roles.

by Frank Rambo, Director, Regional Implementation Group (RIG) EMEA, SAP GRC
GRC Expert - Volume 2 (2009), Update 2

Audit-proof your daily user management with SAP GRC Access Control’s Compliant User Provisioning capability. Learn about its main features and see an example of how to set it up for requesting, approving, and providing access to your business target systems.