
Drive Enterprise Value

Enabled by SAP Governance, Risk & Compliance Solutions


Murali Narayanamurthy

Manage Enterprise Risk and Compliance

Access Risk
Management

Manage access
risk and
prevent fraud
SAP GRC
Access Control
SAP GRC
Access
Approver mobile
application

2011 SAP AG. All rights reserved.

Controls &
Compliance
Monitoring

Enterprise Risk
Management

Ensure
effective
controls and
ongoing
compliance

Preserve and
grow value

SAP GRC Process Control

SAP GRC Risk Management

SAP GRC Policy Survey - mobile application

Planning and
performing
Audits

Drive a unified
audit
management
function

SAP GRC Audit Management

Fraud
detection and
investigation

Prevent, detect,
investigate,
and monitor
fraud patterns
and predictions
SAP GRC Fraud
Management

SAP's Approach: Unified Governance, Risk & Compliance


Organizational
Objectives

Monitor Key Risk Indicators

Prevent Frauds

Risk Based Audit

Unified GRC
Framework

Segregation of
Duties

Policy
Management

Legal Compliance

Internal Controls
Effectiveness

Streamlined User Access Management


Standardizes on SAP Business workflow technology,
supports more flexible and tailored access request and
approver views, simplifying the provisioning process
SOURCE

CONFIGURABLE WORKFLOW

RESULT

IDM Systems
SAP
Business Suite

SAP IDM
Novell IDM
Other

SAP
Mobility
Option

Other

AC Direct Entry
Help Desk
More


Request
generated

Risk
Analysis

Manager
Approval

Automated
provisioning

Business workflow
reduces manual tasks
and streamlines access
request processing
Leverage existing
resources for workflow
administration and
configuration

HR Systems
SAP HR
PeopleSoft HR
Other

Key Benefits

Other SAP
Applications

Faster and easier for users to request the roles they need.

Mitigation
Exception
workflow

Heterogeneous
Environment

Business Control Monitoring: Supplier Relationship Management Process
Implement
Strategic
Agreements

Execute
Procurement

Pay
Suppliers

Drive
Continuous
Improvement


Identify &
Qualify
Vendors

Apply
Sourcing
Rules

Receive
Electronic
Invoice

Evaluate
Bids

Award &
Negotiate
Contract

Apply
Agreement
Terms &
Conditions

Create
Purchase
Order

Pay
Supplier
(EFT)

Were sourcing
policies followed in
awarding contracts?

Dispatch
Electronic
PO to
Supplier

Receive
Goods or
Services;
Inspect

Are any critical materials single sourced?

Were any supplier payment terms changed?
Analyze
Performance

Adjust
Contracts

Are suppliers for critical materials delivering on time?

Combining the power of different approaches


SAP Fraud Management covers the full spectrum of fraud detection

Unknown/complex
Patterns

Known Patterns

Known fraud
behaviors

Unusual
behaviors

Similar, but
different from
known behaviors

Unknown fraud
behaviors

Rules
Predictive
Algorithms

Hybrid combination of
Rules and Predictive Algorithms to detect fraud


Fraud Management

Monitoring

Prevention

Detection

Investigation

Fraud Monitoring & Performance Optimization

Fraud
Pattern
Analysis

Define Rules
& Predictive
Models

Online
Detection

Head of Fraud
Investigation

Fraud
Investigator


Calibration &
Simulation

Mass
Detection

Alert
Notification

Claim Handling
& Settlement

Setup
Fraud Detection
Strategy

Integration
Configuration
Platform

SAP Fraud Management for Insurance

A Closed-loop, Cross-Functional Process

Inquire &
Analyze

Investigation

Evaluation &
Decision

From Claim Notification to Claim Closure

Business
Analyst

Head of Claim
Management

CIO

USER FRIENDLY INTERFACE TO HELP


MATURE ALGORITHMS


SAP Risk Management


Preserve and grow value

Monitor thresholds, effectiveness of risk responses, and corrective actions

Plan risk management within the context of value to the organization

Respond to risk after balancing costs and benefits

Link risks, risk drivers, risk indicators, impacts and responses

Analyze risk via scenarios, modeling, & other factors to understand exposure

Intuitive Risk Heat maps for prioritization and action


Risk Planning
(Bow-tie Builder)
Define the context within which business risks are to be managed


Risk Assessment
Business context based assessments
Identify and assess the impact of risk events on the business


Risk Response
Implement responses
Superior mitigation with automation
Evaluate and select the risks to be addressed and create risk responses


Risk Monitoring
Proactive risk management and prevention
Monitor the effectiveness and completeness of the response actions


Enterprise Wide Integrated Governance Risk & Compliance Example using SAP GRC Solutions
Develop and
Package External
Content

Fraud

Enterprise Risks

Responses

Accept

Avoid

Transfer

Control

Reduce

Regulations
Process

Process Risks

Procure to Pay

Fraudulent
invoices paid

Vendor Mgmt

Valid
invoices not
entered

AP Invoicing

Access Risks
User can
enter vendor
& PO


User can
enter invoices
& payments

Controls
Review of new
vendors and
related invoice
support

Review of
uninvoiced
goods
receipts

Policies
AP SOD
rules in AC

Update and roll out strengthened security policy

Mitigate
Access
Violations
Monitor
Access
Status

Achieving Benefits with Enterprise Risk and Control Management

Strategic Alignment
Predictable Performance
Confident Decisions
Unified GRC
is the key step en route
to building the linkage
from strategy to
execution, because you
can prove that linkage
works.


Increased visibility into the impact of risk against performance.

Allocate resources
and capital where it is
most needed

Improve predictability
and performance.


Thank You!
Murali Narayanamurthy
Director, Office of the CFO & GRC Solutions
SAP India Private Limited
(+91) 9820972906
murali.narayana.murthy@sap.com
