GRC
HR
SCM
CRM
BI


Article

 

Is Your Business Ready to Capitalize on Better Economic Times? Compliance Programs Yield Healthy Enterprise Results

by Shaf Begen | SAPinsider

July 1, 2010

Visibility into your organization’s health is vital at this economic inflection point. This article unlocks the value of an "enterprise health management" program, identifies three key goals to strive for when developing your program, highlights compliance and risk management capabilities offered by SAP, and uncovers real benefits from an SAP customer case study.
 

Much like physical health checkups are critical to an individual’s well-being, a 24x7 “enterprise health management” program is essential to a business’s performance and success.

With compliance and risk management solutions available as part of the SAP BusinessObjects governance, risk, and compliance (GRC) portfolio (see sidebar), you have the applications you’ll need to develop an enterprise health management program for your business. SAP software provides the ability to monitor controls across all of the policies and regulatory requirements that drive your company, while simultaneously identifying and managing risks that could potentially harm your business. Such a program allows you to gain greater visibility into your organization’s health, make more confident decisions, and take advantage of more business opportunities.

Figure 1 With SAP software, you can automatically and continuously monitor compliance-related events in one system

Enterprise Health Management Programs Yield Strong Business Results

When developing your enterprise health management program, you should strive to achieve three key goals (see Figure 2):

  • Complete visibility into your organization’s operations, achieved through a comprehensive assessment, can help your company identify and prioritize key areas that may potentially impact the business. For example, having a control in place that automatically monitors HR systems can enable a company to see how many employees complete their quarterly OSHA recertification. By continuously monitoring these areas and triggering alerts and escalations, organizations can leverage actionable intelligence across key regulations and policies from an enterprise-wide perspective.
  • Efficiency generally stems from a company’s adoptio n of industry best practices and configurable rules. By automating manual controls — monitoring overdue work orders, for example — organizations don’t have to spend time, money, and resources testing the operating effectiveness of the controls; rather, the system will notify control owners of the exceptions. Therefore, the number of overdue work orders will remain within an acceptable threshold.
  • Confidence in information is key to making informed decisions about potential risk events, or about controls and policies that aren’t in compliance. Users are empowered to understand the impact of these events, controls, and policies on day-to-day operations.

 

 

Visibility

Efficiency

Confidence

Compliance management
  • Unified repository forces cross-function accountability and standardization of controls (“test and assess”)
  • Comprehensive reports and dashboards monitor control effectiveness across systems and provide automated alerts and notifications
  • Align activities and manage end-to-end processes
  • Delivered and configurable rules enable fast deployment of automated controls across complex environments
  • Automated workflows and notifications shorten audit cycles and reduce compliance expense
  • Single system of record to ensure audit integrity of enterprise-wide compliance activities
  • Continuous cross-system monitoring for reduced fraud and compliance exposure
  • Remediation plans to speed and coordinate responses to deficiencies in the control environment
Risk management
  • Ability to consolidate, analyze, and mitigate risk information across multiple lines of business
  •  Automated alerts, notifications, reports, and escalation procedures enable ability to manage by exception
  • Align compliance and risk methodologies
  • Automatic monitoring of key risk indicators across end-to-end business processes enables risk response effectiveness and completeness
  • Unified management of strategic, financial, operational, and compliance risks
  • Standardized, enterprise-wide risk management across business processes
  • Proactive risk identification and quantification of exposure across the enterprise to improve transparency
Figure 2 SAP BusinessObjects GRC solutions help organizations achieve a 24x7 enterprise health management program

Case Study: Chevron Corporation Achieves Compliance Synergies

Numerous SAP customers have gained visibility, efficiency, and business success using SAP Business­Objects Process Control and SAP BusinessObjects Risk Management, two applications in the SAP BusinessObjects GRC portfolio. One prime example is Chevron Corporation, a multinational energy company that sought to better align key financial controls with the associated business processes and achieve a holistic view into compliance testing and monitoring. To accomplish this, Chevron needed an integrated solution to enable automation, decrease duplicate data entry, and reduce business risk by providing better insight into each financial control.

4 Benefits of Chevron’s Implementation

When Chevron implemented SAP Business­Objects Process Control and SAP BusinessObjects Risk Management, the project included over 5,000 controls tested and over 400 key controls documented in the system. In addition, user training was provided in 21 global locations reaching over 1,000 employees.

According to Jeff Romano, Manager of Internal Controls for Chevron Corporation, the project was completed on time and on budget, and, consequently, Chevron realized four major benefits:

  1. Immediate access to global testing results across the company. This enables early analysis of the overall performance of financial controls and provides the ability to identify any deficiencies across a segment, business unit, or the enterprise.
  2. Eliminated field office “recycling” of details related to ineffective controls and improved cycle time for reporting. This benefit gave Chevron the ability to align accountability for ineffective controls with business units responsible for the corresponding remediation plans. In addition, Chevron is able to report critical control-related data earlier in the reporting cycle and at the point of origin.
  3. Cost reductions by managing compliance through standardization. By utilizing “out-of-the-box” reports, over 30 previously used custom reports were no longer required. Moreover, Chevron achieved a consistent, repeatable, and scalable approach for reporting from business units to company headquarters.
  4. Inclusion of remote offices through offline functionality. This enhanced the overall quality of data as offices without Internet connections could efficiently record testing results. In addition, this offline functionality reduced redundant data entry of testing results and enabled quality assurance reviews prior to completion of assessments.

Be Ready to Grow and Thrive

Chevron Corporation, like other SAP Business­Objects Process Control and SAP BusinessObjects Risk Management customers, achieved its goals and realized improved efficiencies. Gaining this visibility, efficiency, and confidence is more important than ever because it ensures a business’s readiness to perform, grow, and thrive during economic resurgence.

Ultimately, healthy companies are successful companies that leverage a repeatable and scalable strategy for effective management of compliance, risks, and policies. Compliance and risk management solutions from SAP provide a preventive, real-time approach to governance, risk, and compliance across heterogeneous environments.1 Visit www.sap.com/solutions/sapbusinessobjects/large/governance-risk-compliance to learn more about these solutions.

Shaf Begen (shaf.begen@sap.com) is the Director of Solution Marketing for SAP BusinessObjects Governance, Risk, and Compliance (GRC) solutions. Prior to joining SAP, Shaf worked at Oracle, NEC, and DTE Energy in pre-sales, marketing, and corporate planning. He has extensive operational and compliance management experience in the high tech and utilities industries. Shaf has an undergraduate degree in mechanical engineering from Michigan State University.

1 To learn how oil and gas powerhouse Petrobras benefited from SAP BusinessObjects GRC solutions, see “Turning Compliance into Competitive Advantage: How Petrobras Wields GRC Solutions to Increase the Value of Its Sarbanes-Oxley Certification” in the April-June 2010 issue of insiderPROFILES. [back]

 

An email has been sent to:






More from SAPinsider



COMMENTS

Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!


SAPinsider
FAQ