Professional Documents
Culture Documents
SAP® governance, risk, and compliance (GRC) Together, SAP GRC solutions give decision-
solutions help enable risk-adjusted management makers the insights needed to adjust objectives
while driving down risk and compliance costs and strategies, as well as to predict, detect, and
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
and building trust. These integrated solutions can respond to business opportunities and threats.
be embedded into the very foundation of your For example, they can see which risks stand in
business operations and digital transformation the way of objectives and how a risk has been
projects, automating GRC activities and providing addressed to date, visualize links between root
real-time visibility and control. You can more causes and impacts, identify unusual patterns,
easily monitor risk and control status, integrate and continuously monitor risks enterprise-wide.
systems and processes, and unify GRC on a And because SAP GRC solutions enable people
common technology platform. to manage by exception, they can stay focused
on what’s most important.
2 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
3 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
Enterprise risk Identity and access Cybersecurity and data International trade Integrated Risk, Controls, Compliance,
and compliance governance protection and privacy management
and Audit Solutions
SAP Risk Management SAP Access Control SAP Enterprise Threat SAP Global Trade Services
Detection Identity and Access Management
SAP Process Control SAP Cloud Identity Access SAP S/4HANA® for
Governance SAP Code Vulnerability international trade Solutions
SAP Audit Management
Analyzer
SAP Business Integrity SAP Identity Management SAP Watch List Screening
Screening SAP Cloud Identity Services SAP Fortify by Micro Focus Cybersecurity Solutions
– Identity Provisioning SAP Focused Run
S AP Regulation
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
Management by Greenlight SAP Cloud Identity Services SAP Privacy Governance Data Protection and Privacy Solutions
– Identity Authentication
SAP Privacy Management
SAP Single Sign-On by BigID International Trade Management
SAP Access Violation UI data protection masking Solutions
Management by Greenlight
UI data protection logging
SAP Dynamic Authorization SAP Data Custodian
Management by NextLabs
SAP Data Custodian key
management service
4 / 15
Figure: SAP® Governance, Risk, and Compliance Solutions
SAP Solution Brief Objectives Solution Benefits Quick Facts
can not only know the risks your organization mated continuous control monitoring capabilities Data Protection and Privacy Solutions
faces but also understand their root causes and help you analyze master data, configuration, and
related impacts and the status of risk mitigation transactions directly in applications in real time. International Trade Management
actions. Use this application to formalize how Solutions
5 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
• SAP Audit Management application: Plan your risk. Screen large volumes of transactional Comprehensive, Integrated GRC for
audit engagements, manage work programs and data in real time based on predictive analyses Real-Time Visibility
resources, document evidence, perform audits, and extensible rule sets that help you uncover
and handle audit issues globally. Use this solution anomalies, fraud, or deviations from policy Integrated Risk, Controls, Compliance,
to organize work papers and create audit reports early on. and Audit Solutions
quickly and easily. Because you can instantly • SAP Regulation Management application by
capture audit documentation and evidence, you Greenlight: Use this application to enhance Identity and Access Management
can shift the focus of internal audits from provid- SAP Process Control with a regulatory intake Solutions
ing basic assurance to sharing insight and advice. process. The solution provides a centralized regu-
• SAP Business Integrity Screening application: latory change management process and helps Cybersecurity Solutions
Built for Big Data and high-volume screening, you confidently assess and respond to regulatory
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
the application helps you detect, prevent, and changes while mapping changes in regulatory Data Protection and Privacy Solutions
deter fraudulent activity and reduce third-party requirements to existing controls or new controls.
International Trade Management
Solutions
6 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
reduce unauthorized access, internal fraud, and • SAP Cloud Identity Services – Identity Data Protection and Privacy Solutions
compliance costs. Provisioning and Identity Authentication
• SAP Cloud Identity Access Governance services: Offer cloud-based services for user International Trade Management
software: Manage user access in the cloud provisioning into all of your business applications. Solutions
with services based on SAP Cloud Platform These services can be complemented with our
(access analysis, role design, access request, identity authentication service, which provides
and others). Gain instant visibility into a wide authentication, single sign-on, identity federa-
range of access issues and support for cloud tion, and advanced authentication mechanisms
applications. Users of SAP Access Control can such as multifactor authentication and support
for SAML and OpenID Connect protocols.
7 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
• SAP Single Sign-On application: Enable single- • SAP Dynamic Authorization Management Comprehensive, Integrated GRC for
user logins for secure access across companies, application by NextLabs: Take access manage- Real-Time Visibility
domains, and devices to improve employee ment to the next level with dynamic, attribute-
productivity, simplify password management, based access control. Use attributes to define Integrated Risk, Controls, Compliance,
and minimize help desk calls. Enhance authen- and apply business-driven access policies so and Audit Solutions
tication security using smart cards, two-factor you can better manage access, reduce the
and risk-based authentication, and digital number of access roles, facilitate collaboration, Identity and Access Management
signatures. and improve enterprise data security. Solutions
• SAP Access Violation Management applica-
tion by Greenlight: Detect access violations Cybersecurity Solutions
using real-time connectors for various target
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
systems, especially those outside the SAP Data Protection and Privacy Solutions
landscape, and gain insight into the financial
exposure associated with actual access risk International Trade Management
violations. You can also focus on actual occur- Solutions
rences and incorporate financial materiality into
the risk equation. This application can be used
to expand SAP Access Control by unifying a
heterogeneous landscape with centralized
access management.
8 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
Cybersecurity Solutions
Now, you can better protect your company’s repu- • SAP Code Vulnerability Analyzer tool: Use Comprehensive, Integrated GRC for
tation and intellectual property across landscapes this static code-scanning tool to identify and Real-Time Visibility
and geographies. Help keep systems secure in a fix security vulnerabilities in your ABAP coding
continuously changing threat environment using before you even deploy it to productive systems. Integrated Risk, Controls, Compliance,
powerful, flexible monitoring, detection, and • SAP Fortify software by Micro Focus: Help and Audit Solutions
response capabilities. Enabling solutions include: secure applications wherever they are deployed
• SAP Enterprise Threat Detection application: – in-house, on the Web, in the cloud, or on Identity and Access Management
Identify potential security breaches in real time, mobile devices. Integrate code vulnerability Solutions
perform security monitoring of applications analysis across the solution lifecycle and auto-
and events, and use attack detection patterns mate processes used to develop and deploy Cybersecurity Solutions
to find application-specific threats. Analyze log secure technology and services.
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
data and correlate information to get a full view • SAP Focused Run solution: Enable service Data Protection and Privacy Solutions
of landscape activities and investigate attacks providers to host all their customers in one cen-
based on alerts. tral, scalable, and automated environment and International Trade Management
address their advanced system management, Solutions
user monitoring, integration monitoring, and
configuration and security analytics needs.
9 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
and distribute regulatory requirements and data Data Protection and Privacy Solutions
privacy policies.
International Trade Management
Solutions
• UI data protection masking package: Help pre- noncompliant, or malicious activities; and identify Comprehensive, Integrated GRC for
vent data leaks by restricting access to legally (and help stop) responsible actors. Real-Time Visibility
protected or business critical data. Refine your • SAP Data Custodian solution: Gain multi-cloud
existing authorization setup (within the PFCG data transparency for data across your extended Integrated Risk, Controls, Compliance,
transaction) to grant task-specific access to enterprise, as well as full-stack transparency and Audit Solutions
critical data by masking for unauthorized users across all infrastructure, operating systems, SAP
and write a trace of data access. You also gain applications, databases, and integrated hyper- Identity and Access Management
better compliance with internal and legal data scalers such as Google Cloud Platform, Microsoft Solutions
protection requirements, such as the General Azure, Amazon Web Services, and AliCloud.
Data Protection Regulation. • SAP Data Custodian key management service: Cybersecurity Solutions
• UI data protection logging package: Use this This multi-cloud hardware security module as
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
package to help prevent data leaks by logging a service delivers an independent, secure key Data Protection and Privacy Solutions
access to business-critical data. In the event of a management and cryptography service, helping
breach, you can notify those impacted with criti- protect your data in public, private, hybrid, or International Trade Management
cal information; use logs to identify unauthorized, multi-cloud environments. Solutions
11 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
Automation eliminates manual compliance procedures. Data Protection and Privacy Solutions
tasks, boosts productivity, and contributes to
bottom-line savings through duty minimization International Trade Management
opportunities. Key capabilities such as inline Solutions
process blocking and release allow for efficient
screening of restricted or denied parties.
12 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
• SAP S/4HANA® solution for international • SAP Watch List Screening application: By Comprehensive, Integrated GRC for
trade: SAP S/4HANA includes a set of capa- providing fast access to accurate and reliable Real-Time Visibility
bilities around trade that give you the ability information, this public cloud application helps
to manage basic cross-border requirements. you screen your business partners against lists Integrated Risk, Controls, Compliance,
These include: flagged by governments and organizations, and Audit Solutions
– Intrastat requirements – by supporting as well as learn if they have been negatively
order-to-cash statistical reporting require- represented in the media. The application can Identity and Access Management
ments in the European Union help you improve third-party risk management Solutions
– Export compliance requirements – by help- and help ensure compliance, in particular with
ing you meet regulatory requirements when antibribery and anticorruption laws. Cybersecurity Solutions
exporting goods with legal control, embargo
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
checks, and integration with the SAP Watch Data Protection and Privacy Solutions
List Screening application
– Classification requirements – by applying International Trade Management
the product-level classification necessary to Solutions
support Intrastat and export processes
In addition, you can be more predictive and pro controls and responses, and an intuitive user
active, which helps you minimize fraud and its experience across applications.
negative impacts, the risks of noncompliance, and
instances of operational and other types of risk.
14 / 15
SAP Solution Brief Objectives Solution Benefits Quick Facts
Summary Solution
With SAP® GRC solutions, you can embed con- • Centralized monitoring and management of
trols within a business process and gain insight enterprise risk management, controls, and
into anomalies and potential risk events. You can compliance
harness Big Data directly from business applica- • Identity and access management
tions for exception monitoring and insights. And • Cybersecurity, data protection, and data privacy
you can strengthen your organization by helping management
drive down risk and compliance costs, minimizing • International trade management, sanctioned-
risk and loss events, and providing visibility to see party-list screening, and trade compliance
not only today’s threats but beyond the horizon to
tomorrow’s as well. Benefits
• Objectives achieved more reliably, with trans-
Objectives parency on risk mitigation and efforts
• Consolidate risks and align them with corporate • Risk and compliance efforts aligned to business
objectives value drivers
• Manage internal controls, compliance, and audits • Less duplication and better coordinated efforts
• Manage user identities and access to applications across the business
© 2020 SAP SE or an SAP affiliate company. All rights reserved.
• Prioritize cyber risks, data protection, and pri- • Real-time exception monitoring and earlier
vacy law compliance detection
• Manage changes and risks in global trade and
supply chains Learn more
To find out more, call your SAP representative
today or visit us online.
15 / 15
Follow us
www.sap.com/contactsap
No part of this publication may be reproduced or transmitted in any form or for any purpose without the
express permission of SAP SE or an SAP affiliate company.
The information contained herein may be changed without prior notice. Some software products marketed
by SAP SE and its distributors contain proprietary software components of other software vendors. National
product specifications may vary.
These materials are provided by SAP SE or an SAP affiliate company for informational purposes only, without
representation or warranty of any kind, and SAP or its affiliated companies shall not be liable for errors or
omissions with respect to the materials. The only warranties for SAP or SAP affiliate company products and
services are those that are set forth in the express warranty statements accompanying such products and
services, if any. Nothing herein should be construed as constituting an additional warranty.
In particular, SAP SE or its affiliated companies have no obligation to pursue any course of business outlined in
this document or any related presentation, or to develop or release any functionality mentioned therein. This
document, or any related presentation, and SAP SE’s or its affiliated companies’ strategy and possible future
developments, products, and/or platforms, directions, and functionality are all subject to change and may be
changed by SAP SE or its affiliated companies at any time for any reason without notice. The information in this
document is not a commitment, promise, or legal obligation to deliver any material, code, or functionality.
All forward-looking statements are subject to various risks and uncertainties that could cause actual results to
differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking
statements, and they should not be relied upon in making purchasing decisions.
SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks
or registered trademarks of SAP SE (or an SAP affiliate company) in Germany and other countries. All other
product and service names mentioned are the trademarks of their respective companies.