Entries by Riscomp Admin

Implementation and Deployment in Cloud.

Service: End-to-end support for your GRC solution being implemented and used in cloud, provided by a team of GRC and technical Experts. We help you to establish secure access to our hosted system and to solve infrastructure and network-related questions in the most efficient way. Benefits: One point of contact for all questions. Reduce your […]

LAWTECH Europe Congress

Riscomp is one of the sponsors of the LAWTECH Europe Congress this year. This event will take place in Brussels on November 7th and 8th. Register here: http://www.lawtecheuropecongress.com/ Our topic: “Integrated Corporate GRC Initiatives Against Fraud” Fighting fraud and corruption has two major aspects: detection and prevention. We present in-memory technology capabilities allowing efficient big […]

July 2016: Riscomp Cloud – based PoC for CCM successfully completed.

Hosted by Riscomp SAP GRC system was connected to the customer`s ECC6 ERP environment for the proof of concept (PoC) purposes . 16 Continuous Control Monitioring Scenarios, mainly focusing on the revenue cycle (O2C – Order to Cash) as well as IT Change Management were implemented. 2 Scenarios were developed in the CCM ABAP Framework, […]

Loss Events & Incident Management Process

Service: Driven by Finma / Basel / Solvency requirements imposed upon financial services providers, or by the new COSO ERM framework (especially the “Event Identification” Element), a loss event or incident management process can be implemented based on the SAP GRC Suite. The initial event capture can be done by anyone within the company and […]

SAP FIORI – based GRC User Interface

Service: The SAP FIORI-based Interface is becoming more and more accepted by the SAP audience. Among them, GRC customers are also about to discover advantages of the user-friendly and mobile device-compatible FIORI apps for GRC. We can help you to design interfaces based on the standard FIORI Apps or to close gaps by developing custom […]

Implementation of Business Role Management

Service: We can assist you in extending your SAP Access Control-based processes through the Business Role Management application. We can help you with best practice configuration or with custom BRF Plus-based Role Methodology or Approver Rules. Composite, single, or business roles are supported. Benefit: Whether you are developing and enhancing your authorization concept or you […]

Definition of SoDs & Critical Access Risk Rules

Each and every company and its situation are unique – too unique to fulfill all relevant requirements with a standardized  SoD Matrix. The need for proper Segregation of Duties (SoD) Risk Definitions can start with compliance focus (risk reporting, remediation / cleanup and mitigation strategy), down to day-to day operations: ongoing provisioning of authorizations, roles […]

SAP & SoD Audit Support

Service: Support in audits or reviews of SAP ERP application, business process-related and IT general controls. In case SoD is in-scope, we can provide our cloud-based SAP GRC environment (Access Control) and run SoD Analysis of your authorizations data against SoD best practice. If required, your transactional / master / configuration data can be run […]

April 2016, SP12 Upgrades for SAP GRC v10.1 completed.

We have successfully completed SP12 upgrades for our own Cloud environment and also for several customers deploying SAP GRC on premise. Our customers benefit from the enhanced Change Management process: pre-tests done in our own enviroinment help to ensure that there are no negative surprises or even show-stoppers. It is important to have enough time to implement […]

June 2016, Germany – ICS framework review completed

We have completed the ICS Framework review for the customer deploying SAP Process Control. Following goals were achieved: – peer review with 3 other companies focused on the granularity level of subprocesses, risks, controls and control objectives within main business processes. – identification of potential to merge closely related controls (same risks & similar control activities) […]