Business Information > GRC Overview

Overview: SAP Best Practices for Governance Risk and Compliance (SAP GRC)

As illustrated in the enterprise-wide GRC framework above, the GRC management is embedded in core processes, not separate from the main processes. The key attributes of this framework are as follows:

  • supports a heterogeneous environment including leading enterprise software applications
  • build upon the SAP NetWeaver Business Process Platform that provides a rich set of reusable technology components such as security, workflow, content management and integration middleware that avoids fragmentation and duplication of efforts on the IT side

Cross-Industry GRC solutions including various controls, documentation, monitoring, and risk management applications. They include the following applications:

  • SAP GRC Access Control
  • SAP GRC Process Control
  • SAP Risk Management
  • SAP Environment, Health and Safety
  • SAP Global Trade Services

Industry-specific GRC solutions include solutions that apply to specific industries. For example, in High-Tech Industry, the SAP Solution for Environmental Product Compliance (SAP EPC) addresses industry-specific regulations for RoHS/WEEE (RoHS = Reduction of Hazardous Substances, WEEE=Waste Electric and Electrical Equipment). Based on these SAP Solutions for GRC, key controls can be inserted into the core business processes to ensure that governance (policies and procedures) is enforced, risks are properly monitored and controlled and compliance is maintained as part of the regular core business processes.

This release of SAP Best Practices covers the Access Control application alone.

Learn more about the comprehensive SAP for GRC solution in the SAP Solutions for Governance Risk and Compliance link in the table, Addtional Information on the Public SAP Website.