Implementing an integrated GRC  approach with  SAP GRC

Increasing regulatory requirements set new challenges companies


For years companies have been confronted with increasing  regulatory pressure, and therefore higher costs


…with an organizational impact on the existing GRC structures


Two strategies to react to increasing costs…


From our practical experience, not only efficiency but also acceptance could be raised through iGRC.


iGRC helps companies achieve…


… and an integration strategy according to iGRC® can be implemented in SAP GRC


An Integration Strategy according to iGRC® through…

  •  Concatenation of Risk and Compliance Management and the Internal Control System
  • Process-related intersections of internal steering and control systems -----> strong concatenation useful
  • Example „uniform control process“:
  • Common risk analysis for risk identification
  • Inventory of identified risk as basis for risk reducing measures, internal controls and focus on compliance program
  • Common testing of effectiveness for measures and internal controls
  • Supporting process synchronization by various forms of organizational concatenation with different degrees of integration
  • Using synergy effects and  avoiding duplication of work  as well as redundancy
  • Increasing transparency and  security
  • Performance and control  units obtain a broad overview  of the entire risk situation
  • Efficient and effective  corporate management and  management control

… and by the help of SAP GRC 10.0

Concatenation of Risk and Compliance Management and the Internal Control System


An Integration Strategy according to iGRC® through…

Integrated Reporting for GRC

  • Purpose of an integrated reporting:

Standardized, transparent and efficient reporting for  management- and control units

  • Procedure for an integrated reporting:

Standardization resp. combination of the essential processes

  • Integration of the existing reporting elements
  • Merging of the reporting structures
  • Standardizing reporting deadlines and formats
  • Standardizing the compression ratio of information and data
  • Increasing reporting quality
  • Management and control  units obtain an holistic  overview of the company‘s  important issues
  • Efficient and effective  corporate-management and  control

An Integration Strategy according to iGRC® - a process organization example


According to our experience, in addition to efficiency also acceptance can be increased through iGRC®