Introduction to GRC

• GRC stands for        Governance,Risk and Compliance.

what is the need of SAP GRC:

• remove any risk in managing organizations’ key operations.
• SAP GRC can help customers to meet financial, environmental, health and safety, and sustainability regulations imposed by governments and regulatory bodies on companies and their business partners.
•  report on all compliance-related activities for internal/external auditors.
• Regulatory compliance is a fast-evolving challenge for companies.
• because of GRC,  increased efficiency of operations,reduced risk of penalties for noncompliance during auditing.
• SAP Risk Management helps to balance business opportunities with financial, legal.
• operational risks to be identified in time to minimize the market penalties from high-impact events and monitor them continuously.

• few years ago, manay companies did what ever the activities done by GRC, manually.but is not up to the mark and interms of financial also.

SAP GRC Suite Overview and Components:

SAP GRC provides end-to-end automation for documenting, detecting, remediating, mitigating, and preventing risks enterprise-wide, resulting in proper segregation of duties (SoDs).


 The SAP GRC suite contains the following components to address compliance management.

• SAP Access Control 
•  SAP Process Control
•  SAP Risk Management
•  SAP Global Trade Services (SAP GTS)
•  SAP Nota Fiscal Electronica (SAP NFE).

Even though it’s called the SAP GRC suite, each element can be individually implemented to suit an enterprise’s need.

Value of suite as a whole:

SAP GRC is based on ABAP application server, to strength the core compoents of SAP.

SAP 10.0 support the following core process.

1. Customization (IMG) functions and transport management.
2. Object level security .
3. Archiving and audit tracking .
4. Using SAP standard workflow engine with flexible Multistage Multipath (MSMP) workflow.
5. Business Rules Framework Plus (BRF+) rule engine to make flexible decisions and approvals workflow much easier for the user community to modify according to their needs.
6. User maintenance and role-based authorizations.
7. change management and audit records.
8. end users friendly.
9. Integration with SAP ERP systems using SAP NetWeaver Process Integration (PI) with contents such as SLL-LEG and SLL-NFE add-ons for SAP GTS and SAP NFE  .