GRC
HR
SCM
CRM
BI


Article

 

Managing IT and Enterprise Risks Holistically

by Leo Castro | insiderPROFILES

July 1, 2010

How well does your company understand IT and enterprise risks — and the business value of a risk management program? To help companies connect risk management to business strategy and performance, SAP and Novell have partnered to deliver a holistic, integrated solution.
 

Arguably, the last two economic crises stemmed from poor visibility into overall enterprise risk: At the turn of the millennium, the Internet bubble resulted from investors not having visibility into the risks contained within future cash flows, which led to unrealistic valuations. And over the last few years, businesses’ lack of awareness of major risks to their balance sheets has moved “enterprise risk management” firmly onto the executive agendas of CIOs, CFOs, and CEOs.

While neither SAP nor Novell can promise to prevent the next economic bubble, the companies have formed a unique partnership with the goal of delivering a comprehensive, holistic solution that drives continuous compliance and helps companies connect risk management to business strategy and performance management. 

What Are SAP Customers Looking for When It Comes to Managing Risk?

What both Novell and SAP are seeing in the market today is that customers are in the early stages of understanding IT and enterprise risks and how a comprehensive risk management program can help them meet their business goals. Increased government oversight in the areas of consumer privacy and financial controls creates a tangled web of duplicative IT controls that are hard to manage. The concepts of enterprise risk mitigation and controls, identity and fraud management, and governance, risk, and compliance (GRC) are top-of-mind for executives, who are now looking for solutions to combat these business and IT risks.

Increasingly, companies need software that manages users’ access to applications securely and efficiently, while meeting audit and compliance requirements. They are also realizing that they must protect information and prevent fraud with automated software that detects and analyzes potential risks and gives IT and management teams the information they need to make decisions that ensure compliance. However, customers do not want to be tied to just one vendor. And they want to ensure that ecosystem solutions are integrated out of the box — to reduce implementation time and share ownership and responsibility.

A Unique Partnership Offers an Integrated Solution

The Novell Compliance Management Platform, which includes industry-leading security information and event monitoring (SIEM) and enterprise-wide identity management capabilities, easily integrates with SAP BusinessObjects GRC solutions — SAP BusinessObjects Access Control, currently, and SAP BusinessObjects Process Control and SAP BusinessObjects Risk Management by the end of 2010 — allowing SAP customers to map risk to corresponding KPIs in a business context.

The joint Novell and SAP solution, the Novell Compliance Management Platform extension for SAP environments, ensures that enterprises are secured and can monitor processes to assess risks, set up controls to contain them, and take actions to remediate them in real time before the business experiences any negative impact.

This unique partnership between Novell and SAP features three critical elements that create value for customers: Alignment of enterprise risk management in the context of business strategy; integration of risk and performance monitoring and metrics; and the ability to leverage an existing IT infrastructure to drive higher ROI.

Novell and SAP Collaborative Solution

The collaborative solution from Novell and SAP helps SAP customers move away from a reactive approach to risk, instead turning risk into a strategic asset

How Customers Are Overcoming Their Risk Management Challenges

Given our strained economic environment, companies are being asked to do more with their existing infrastructure. Customers need to prove that any investments they make today are adaptable and modular and will position them properly for future investments. When customers invest in the integrated solution from Novell and SAP, they are driving business value by:

  • Moving away from immature risk management programs that operate in disconnected silos and require costly, labor-intensive administrative work
  • Integrating fragmented point solutions to get a consistent, broad view of the enterprise
  • Expanding their underlying compliance point solutions to manage not just compliance reporting, but overall business and IT risk as well
  • Leveraging security and identity management to support compliance and risk management — especially in increasingly complex industries that require companies to grant access not only to employees, but also to external partners and suppliers

Organizations should have controls in place to deal with business risks. SAP BusinessObjects Access Control proactively detects and mitigates segregation of duties (SoD) violations, such as when a user both creates and pays a vendor. Another serious SoD violation occurs if a user has both database administration and system administration access. Novell’s Compliance Management Platform can automatically prevent and monitor such IT GRC violations and reduce risk. With this joint solution, the entire enterprise can be SoD risk-free — not only for the core applications, but also for IT infrastructure security. The solution identifies business and IT risks from one central place based on key corporate objectives — enforcing controls and continuously monitoring them with the same approach to enterprise risk and compliance.

The integrated solution from Novell and SAP enables SAP customers to overcome their risk management challenges and holistically manage both IT and business risks. Using the solution, customers can continuously monitor IT controls and business risk as part of an overall enterprise risk management strategy.

An email has been sent to:






More from SAPinsider



COMMENTS

Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!


SAPinsider
FAQ