Expand your GRC Controls to Cover all Systems – how to Make SAP GRC Work in a Heterogeneous World
- LANGUAGE: English DATE: Wednesday, December 12, 2012 TIME: 4pm CET, 10am EST, 7am PST
SAP GRC, especially with the new release, is a key component in the GRC (Governance, Risk Management, Compliance) strategies and implementations of many organizations. It provides a broad functionality, but it is mainly targeted at SAP environments. Even while SAP in many organizations is the core business environment, auditors have started looking at other environments as well – for example the Microsoft Windows and SharePoint infrastructure which holds most of the unstructured data. In addition, there are several industries and many organizations which have a series of other core business applications in place which they need to integrate in the GRC approach as well.
Having an integrated GRC architecture, i.e. real Enterprise GRC instead of point solutions, provides massive benefits to organizations. Real Enterprise GRC, beyond GRC for specific environments or only for the business side, requires a tight integration of some solutions. While SAP GRC provides a strong offering for the SAP ecosystem, extending it to the heterogeneous world requires additional solutions. A complete picture for Enterprise GRC covers different needs. While SAP GRC is a logical cornerstone for organizations with a large SAP infrastructure in place, this still leaves the need for covering the rest of the ecosystem and the GRC requirements which aren’t fully covered by SAP GRC.
Martin Kuppinger of KuppingerCole will provide an overview on different approaches found in the market to either extend SAP GRC or to use other approaches for full control in heterogeneous environments. He will outline an architecture for a comprehensive Enterprise GRC approach in environments with SAP infrastructure deployed, centered around SAP GRC but adding additional components to cover what is missing.
Marco Venuti of CrossIdeas will then demonstrate, based on best practices of customers, how organizations can extend their SAP GRC in practice to manage access controls and implement access governance, including SoD controls, in heterogeneous environments.
Founded in 2011, CrossIdeas is a leading player of Identity Governance Solutions, enabling organizations to achieve their Compliance, Audit and Access Risk Management objectives. Fortune 500 companies run IDEAS, CrossIdeas' Identity Governance platform, to harmoniously manage people, applications and access entitlements. CrossIdeas is headquartered in Rome and can be reached at www.crossideas.com
The traditional model of enforcing security at the network perimeter is no longer valid as employees, devices and workloads move outside the corporate network. A Zero Trust model offers an alternative that secures data while ensuring it is accessible from wherever employees are working. But finding the right technological approaches to Zero Trust is challenging.