Expand your GRC Controls to Cover all Systems – how to Make SAP GRC Work in a Heterogeneous World
- LANGUAGE: English DATE: Wednesday, December 12, 2012 TIME: 4pm CET, 10am EST, 7am PST
SAP GRC, especially with the new release, is a key component in the GRC (Governance, Risk Management, Compliance) strategies and implementations of many organizations. It provides a broad functionality, but it is mainly targeted at SAP environments. Even while SAP in many organizations is the core business environment, auditors have started looking at other environments as well – for example the Microsoft Windows and SharePoint infrastructure which holds most of the unstructured data. In addition, there are several industries and many organizations which have a series of other core business applications in place which they need to integrate in the GRC approach as well.
Having an integrated GRC architecture, i.e. real Enterprise GRC instead of point solutions, provides massive benefits to organizations. Real Enterprise GRC, beyond GRC for specific environments or only for the business side, requires a tight integration of some solutions. While SAP GRC provides a strong offering for the SAP ecosystem, extending it to the heterogeneous world requires additional solutions. A complete picture for Enterprise GRC covers different needs. While SAP GRC is a logical cornerstone for organizations with a large SAP infrastructure in place, this still leaves the need for covering the rest of the ecosystem and the GRC requirements which aren’t fully covered by SAP GRC.
Martin Kuppinger of KuppingerCole will provide an overview on different approaches found in the market to either extend SAP GRC or to use other approaches for full control in heterogeneous environments. He will outline an architecture for a comprehensive Enterprise GRC approach in environments with SAP infrastructure deployed, centered around SAP GRC but adding additional components to cover what is missing.
Marco Venuti of CrossIdeas will then demonstrate, based on best practices of customers, how organizations can extend their SAP GRC in practice to manage access controls and implement access governance, including SoD controls, in heterogeneous environments.
Founded in 2011, CrossIdeas is a leading player of Identity Governance Solutions, enabling organizations to achieve their Compliance, Audit and Access Risk Management objectives. Fortune 500 companies run IDEAS, CrossIdeas' Identity Governance platform, to harmoniously manage people, applications and access entitlements. CrossIdeas is headquartered in Rome and can be reached at www.crossideas.com
Nearly all high-impact cyberattacks have a phase in which the attacker must conduct lateral movement from their initial landing point to their ultimate target. To do this, the attacker needs a combination of credentials and available connections between one system and another. This is the evasive process of “living off the land” using the connectivity native to the organization.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.