Governance, Risk and Compliance (GRC) and Continuous Controls Monitoring (CCM) for SAP® Environments

Achieve SAP® Compliance without Wasting Valuable Time

What ControlPanelGRC Does

Governance, risk and compliance (GRC) professionals know the importance of compliance—and the tedious, prolonged process of getting there. Unlike other solutions, ControlPanelGRC is written, implemented, and supported by GRC professionals. ControlPanelGRC® has created a better way by automating time-consuming tasks associated with compliance reporting and audit support. It provides visibility into potential risks—while freeing up staffs’ time for real value-creating work. ControlPanelGRC offers an easy-to-use, easy-to implement, GRC solution, through four distinct Solution Suites that provide the robust functionality you need to meet SAP compliance requirements.

ControlPanelGRC is a GRC and continuous controls monitoring (CCM) platform for SAP environments. Through exceptional usability, rapid implementation, seamless integration in SAP, robust reporting and analytics, broad functionality, and an easy-to-understand user interface, ControlPanelGRC helps make SAP users Always Audit Ready™.

ControlPanelGRC automates complex and time-consuming compliance and audit support tasks. “Through automation, we’ve already reduced the amount of repetitive tasks by 50 percent,” says Jeff Rishel, vice-president of IT at Graham Packaging, a maker of plastic containers. “After fully implementing ControlPanelGRC we have now reduced repetitive tasks by75 percent.” ControlPanelGRC has reduced the company’s support costs by 33 percent.

ControlPanelGRC provides visibility and transparency. It puts all SAP compliance check-points on one easy-to-read dashboard, and makes other essential information quickly available in reports. “Our CEO wanted to know what was going on within the organization,” says Mike Ayars, manager of the SAP practice at Powell Electronics, a distributor of specialty electronic components. “Before ControlPanelGRC, he couldn’t gain access to sensitive information when he wanted it. Now he can see everything very clearly. That was priceless.” This automation frees staff from time spent preparing for audits.“ We would have been spending 1,200 to 1,440 hours over a six-month period,” says Matthew Smith, senior NetWeaver administrator for Steelcase, an office furniture manufacturer.“ Instead, using ControlPanelGRC, the same analysis takes only six to eight hours.” ControlPanelGRC, Steelcase was able to avoid adding a fulltime employee to maintain Sarbanes-Oxley (SOX) compliance, saving $150,000 per year.

Thus, with ControlPanelGRC your company is always audit ready. “The pre-auditors come once a year, and they charge us by the hour,” says Sharon Kaiser, CIO of Abiomed, which makes medical implant devices. “In the past it has taken them approximately four weeks to complete their work. We have now simplified things so that they are only here for one week. With ControlPanelGRC, I am now able to extract the data I need and send to the auditors for online review, eliminating the previous paper-ticket-by-paper-ticket review.”

If You’ve Had an Adverse Audit FindingIf auditors have found a weakness in your system, you know you have to do something immediately. You need to fix that weakness—and you also need to gather a great deal more information, because when the auditors come back, they’ll be asking even more questions. Yet many compliance solutions take six, nine, or even 12 months just to implement, at which point you may not find the output easy to understand. For ControlPanelGRC, on the other hand, a long implementation is two weeks.

For example, at Nyrstar, a mining and metals business, implementation took three days, and within a week its audit reporting was already being streamlined so that it could smoothly address segregation of duties (SoD) issues. Patrick Meyer, SAP security consultant, says, “Without the ControlPanelGRC suite it would never have been possible to reduce the number of SoD violations by 86 percent in four months.”

“Through automation, we’ve already reduced the amount of repetitive tasks by 50 percent. After fully implementing ControlPanelGRC we have now reduced repetitive tasks by 75 percent.”

Jeff Rishel, Vice-President of IT Graham Packaging

Additional ControlPanelGRC BenefitsControlPanelGRC gives you control over audit situations. Because its output is easy to understand, you (and others at your company) can stay on top of potential risks before either problems arise or the auditors arrive. Because you’re continuously monitoring SAP controls, you can be confident that your organization meets its compliance requirements. You lower risks, and gain the peace of mind that comes with knowing that you meet compliance requirements.

With ControlPanelGRC you get clear direction on how to remediate control deficiencies. It suggests actions you need to take using clear, easy-to-understand outputs. For example, Graham Packaging replaced its first GRC tool because nobody from the business could understand its output, and CIO Diego Hagino says, “A ControlPanelGRC user analysis report might be only six pages, compared to the 60 pages of irrelevant or redundant data that our team had to comb through.”

Because ControlPanelGRC gives you reliable, usable information in a timely fashion, you can make better decisions. Indeed, ControlPanelGRC is designed to allow managers to self-assess risks. For example, if an employee requests access to a certain role, ControlPanelGRC can show the supervisor where there may be a risk, why the risk exists, and how to fix it. The supervisor can grant or deny the request without having to ask IT or SAP Security to explain what the output is saying.

Every company situation is different, and ControlPanelGRC is constructed in modules and suites that meet specific SAP compliance requirements—so you buy only what you need. The full suites include broad functionality: ControlPanelGRC addresses not just SoD issues, but change management, batch management, and application and security administration. It has the broadest feature set of any software in the industry, and a powerful workflow engine to automate routine tasks. Being that is was developed and is supported by SAP GRC professionals, ControlPanelGRC seemlessly integrates with SAP (indeed, it’s written in ABAP, the native SAP language) and that it’s nimble enough to respond to new requirements as your situation changes.

ControlPanelGRC is a cost-effective solution. Because it’s installed right on top of SAP, there’s no additional technology stack required to host the solution, and no ongoing administration of that hardware. And not only is it reasonably priced compared to alternatives, but it also provides a fast time to return on investment (ROI). Because implementation is so quick and the software is so easy to use, you see an immediate positive impact on productivity.

If Your Current Solution Isn’t EnoughAlmost one-third of our customers are replacing an existing SAP GRC solution. Their most common complaints are that their employees didn’t understand what the software is trying to tell them; that the solution didn’t answer enough questions; and that implementation was long, expensive, and fraught with problems.

“Solutions designed to work with SAP are typically much larger and more complex than what we need,” says Jamison Tomasek, internal audit director at Courier, a book manufacturer. He’s referring to some of the older, very expensive GRC packages. But as a second-generation solution, ControlPanelGRC is more focused, agile, and effective. Tomasek had what a previous solution said was an “irresolvable” SoD issue—but ControlPanelGRC was able to resolve it.

The customers who switch say they like ControlPanelGRC because it’s understandable, comprehensive, cost-effective, and easy to install. “Not only has ControlPanelGRC increased productivity and efficiency, it also has boosted morale with its ease of use and the process improvements it has enabled,” says Allen Benson, Vice President of Business Technology at Spectrum Brands, a diversified manufacturer.

How ControlPanelGRC Works

How Other Companies Have Saved Time and Money with ControlPanelGRC

ControlPanelGRC is organized into four unique solution suites—access controls, process controls, security acceleration, and basis controls—that map to common business processes. Each suite includes modules that work hand in hand to streamline the effort to complete tasks and simplify your entire SAP ecosystem—saving time, effort, and costs. See Figure.

“By implementing SAP security best practices through the ControlPanelGRC solution, Eneco was able to redesign our SAP security environment reducing over 10,000 conflicts for more than 3,000 users to less than 10 unique conflicts that are now being properly tracked and mitigated.” says Luisella TenPierik, SAP Security Consultant of Eneco Corp.

Other customers tell similar stories. ControlPanelGRC is easy to implement and use. It automates previously tedious activities. It frees up knowledgeable staff for more productive work. Accepted by leading accounting firms, it provides confidence that your controls are in place and working properly. And it does so while minimizing the demands on your IT resources.

© SymSoft. SAP®, and SAP NetWeaver® are registered trademarks of SAP AG. All other products mentioned in this document are registered trademarks of their respective companies.

Want to see ControlPanelGRC in action? Please contact us today to schedule a personalized demo.ControlPanelGRC Business Development Dept 1201 N. Prospect Ave. Milwaukee, WI 53202Phone: +1-855-MYCPGRC (692-7472)Email: info@controlpanelgrc.com