SAP Governance, Risk and Compliance (GRC) solutions offer organizations with solutions that address risk management, corporate governance and regulatory compliance.
Key points to have in my mind:
- Understand the impact of Sarbanes-Oxley
- Control the type or nature of the risks and their volumes
- International goods (purchase /sell)
- Enable an approval chart that reply to your organization charts.
- Keep an eye on the approval times: you cannot be competitive approving things in 3 weeks when you were doing in one day in the past.
- Manage information flow in all directions.
- Ensure that data is kept secret and private.
- Implement your business strategy through the enablement of actions on GRC.
All these activities remind me some years ago when I worked in a project service for all the governance rules of the company I worked for. They had 101 rules at that moment to govern all the different aspects of the business in a risk controlled way. All these concepts, rules and mechanisms are the same here.