Expand your GRC Controls to Cover all Systems – how to Make SAP GRC Work in a Heterogeneous World
- LANGUAGE: English DATE: Wednesday, December 12, 2012 TIME: 4pm CET, 10am EST, 7am PST
SAP GRC, especially with the new release, is a key component in the GRC (Governance, Risk Management, Compliance) strategies and implementations of many organizations. It provides a broad functionality, but it is mainly targeted at SAP environments. Even while SAP in many organizations is the core business environment, auditors have started looking at other environments as well – for example the Microsoft Windows and SharePoint infrastructure which holds most of the unstructured data. In addition, there are several industries and many organizations which have a series of other core business applications in place which they need to integrate in the GRC approach as well.
Having an integrated GRC architecture, i.e. real Enterprise GRC instead of point solutions, provides massive benefits to organizations. Real Enterprise GRC, beyond GRC for specific environments or only for the business side, requires a tight integration of some solutions. While SAP GRC provides a strong offering for the SAP ecosystem, extending it to the heterogeneous world requires additional solutions. A complete picture for Enterprise GRC covers different needs. While SAP GRC is a logical cornerstone for organizations with a large SAP infrastructure in place, this still leaves the need for covering the rest of the ecosystem and the GRC requirements which aren’t fully covered by SAP GRC.
Martin Kuppinger of KuppingerCole will provide an overview on different approaches found in the market to either extend SAP GRC or to use other approaches for full control in heterogeneous environments. He will outline an architecture for a comprehensive Enterprise GRC approach in environments with SAP infrastructure deployed, centered around SAP GRC but adding additional components to cover what is missing.
Marco Venuti of CrossIdeas will then demonstrate, based on best practices of customers, how organizations can extend their SAP GRC in practice to manage access controls and implement access governance, including SoD controls, in heterogeneous environments.
Founded in 2011, CrossIdeas is a leading player of Identity Governance Solutions, enabling organizations to achieve their Compliance, Audit and Access Risk Management objectives. Fortune 500 companies run IDEAS, CrossIdeas' Identity Governance platform, to harmoniously manage people, applications and access entitlements. CrossIdeas is headquartered in Rome and can be reached at www.crossideas.com
Organizations or institutions that are essential for the public are called Critical Infrastructures (KRITIS = “Kritische Infrastrukturen”). As such, they are subject to comprehensive and strict legal regimes consisting of laws and regulations.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.
KuppingerCole analysts build upon competencies from comprehensive research, experience from highly topical PAM advisory projects and systematically expanded and advanced best practices. Our analysts and advisors offer a one-of-a-kind, multi-channel approach to modern knowledge transfer: the KuppingerCole Master Class Privileged Access Management. Webinars and webcasts, up-to-date research documents, an all-day classroom workshop with final exam and certification of the acquired skills lay the foundation for establishing the necessary technical and methodological knowledge in your own organization.