by Davin Wilfrid, Managing Editor, ERP Expert
SAP was a bit ahead of the game when it released its unified solutions for governance, risk, and compliance (GRC). Many companies were still struggling to meet the bare minimum standards mandated by Sarbanes-Oxley and did not have a coherent strategy for unifying their governance, risk, and compliance initiatives -- instead managing them in siloes throughout the business.
However, that's all changing according to a new report from KPMG, which found that 2/3 executives were planning to converge their various GRC initiatives under one roof, so to speak:
“Typical responses to new regulations have been to add layer after layer of compliance processes, resulting in bloated corporate bureaucracy that can make an organization sluggish,” said John M. Farrell, the GRC Service Network Leader for KPMG LLP, the U.S. member firm of KPMG International. “The answer for some leading companies is implementation of a converged GRC program as a strategic and practical approach that promotes flexibility in a risk-aware culture.”
The SAP solutions for GRC are now under the SAP BusinessObjects portfolio, since they draw on and govern data and processes that typically span beyond the core SAP ERP system.
Along with its report, KPMG released a white paper called Survival of the Most Informed: GRC Comes of Age - How to Envision, Strategize, and Lead to Achieve Enterprise Resilience.