by Jacquelyn M. Howard, Senior Managing Editor, BI Expert
I was talking with a BI colleague the other day who was trying to better understand the SAP BusinessObjects suite of applications. He was familiar with Xcelsius, Crystal Reports, and Web Intelligence, but didn’t understand why he needed to know about the SAP BusinessObjects governance, risk, andcompliance (GRC) applications.
Although these areas may seem unrelated, BI teams often need to be aware of corporate policies regarding use, access, and storage of data, especially customer data. For example, in the BI Expert article “Ensure Business Access Segregation by Automatically Generating SAP NetWeaver BW Analysis Authorizations,” Jonathan D. Griffith at FirstEnergy Corp discusses how to update SAP NetWeaver BW security automatically to reflect business rules governing data access. Because FirstEnergy is a utility, it must restrict data access among its five business unit groups in a controlled manner.
Recently, Project Expert’s L
aura Casasanto had the opportunity to interview Norman Marks, vice president at SAP and an evangelist for GRC. Marks explains how GRC touches on all areas of the business, including the BI team. During the interview, Marks says the following:
The information necessary to run the business, to set the strategy, to optimize performance, to understand risk, to understand compliance needs and performance, is not there — it’s fragmented, it’s out of date. You’re doing what I call managing through the rearview mirror because you’re always looking at historical information. Information is really the oil that greases the engines of GRC; without it, performance is not optimized and risk can arise without you seeing it.
For more on what GRC means to an organization, including BI teams, register to read “GRC Explained: A New Way of Looking at Risk,"an exclusive Q&A with Marks. Previously only available to Project Expert subscribers, this interview digs deep into the important steps every company must take to achieve a rock-solid GRC strategy. You are also invited to join Marks in the Compliance forum the week of February 21 to ask your specific questions about your own challenges in creating a sound GRC strategy. Register today.
You can begin leaving your questions now for Marks to answer when the forum officially opens Monday, February 21. Also coming Monday is a podcast with Marks titled “Five Areas of Focus to Help You Create a Successful GRC Strategy.”