Spotlight: Implementing SAP BusinessObjects GRC 10.0 Solutions

  • by Gary Byrne, Managing Editor, Financials Expert and SCM Expert
  • January 25, 2012
SAP’s Frank Rambo comments on guidelines to follow and pitfalls to avoid when implementing SAP BusinessObjects GRC 10.0 solutions.

To provide some answers to possible challenges you may have during an implementation of SAP BusinessObjects GRC 10.0, I interviewed Frank Rambo, director of the GRC practice unit within SAP’s Customer Solution Adoption (CSA) organization, about measures to take to ensure a successful implementation of SAP BusinessObjects GRC 10.0 solutions. Here are his comments.

What configuration issues might arise during an implementation of SAP BusinessObjects GRC10.0?

Areas that have changed are the setup of multiple compliance initiatives and automated rules in SAP BusinessObjects Process Control 10.0. Enhancements to the multicompliance framework provide better cross-compliance support. [In SAP BusinessObjects GRC 10.0] single control tests or assessments are more easily reflected across multiple compliance requirements. Additionally, more flexibility has been provided in handling regional control requirements and supporting data overrides of standard control definitions to reflect regional requirements. The expanded and enhanced rules framework now supports advanced rule logic, including calculated and logical operations, grouping and aggregation, and currency conversions. There is also improved integration with data sources, including queries, database tables, and reports, allowing for broader automated rules coverage. Of course, some training is required to make optimal use of these new abilities.

What do you think a key area to focus on during an implementation of SAP BusinessObjects GRC applications is?

SAP BusinessObjects GRC is a solution portfolio consisting of four powerful and separately licensed software products: SAP BusinessObjects Access Control, SAP BusinessObjects Process Control, SAP BusinessObjects Risk Management, and SAP BusinessObjects Global Trade Services. There is no right or wrong in the order of implementing them. Companies usually set different priorities for the focus of their GRC implementations. Some companies are looking for tactical solutions to rapidly respond to requirements in the context of the Sarbanes-Oxley Act or foreign trade regulations. Other companies are following a more strategic approach and aim to quantitatively assess risk and compliance across the entire organization and enable their management for a risk-adjusted corporate performance management.

Gary Byrne

Gary is the managing editor of Financials Expert and SCM Expert. Before joining WIS in March 2011, Gary was an editor at Elsevier. In this role he managed the development of manuscripts for Elsevier’s imprint responsible for books on computer security. Gary also has held positions as a copy editor at Aberdeen Group, a Boston-based IT market research company, and as an editor at, a publisher of content for the IT community. He also gleaned experience working as a copy editor for International Data Corp., a Framingham, MA-based IT market research company. He earned a bachelor of science degree in journalism from Suffolk University in Boston. He enjoys traveling, sailing as a passenger onboard schooners, and helping his wife, Valerie, with gardening during summer weekends. He’s a fan of all the Boston sports teams and once stood behind Robert Parish in a line at BayBank. He felt small and didn’t ask for an autograph. You can follow him on Twitter at @FI_SCM_Expert. His online footsteps can also be found in the SAP Experts group on LinkedIn.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.