Banque Cantonale de Fribourg

Riscomp has designed and implemented integrated ICS, Risk and Loss Management Processes for BCF. The Policy Management Process is automated as well and users enjoy the intuitive and convenient way to work with directives


We are conducting standard trainings and own courses for SAP Education in english and german. We are also working together with SAP Consulting on different GRC implementation projects.

Implementation and Deployment in Cloud.

Service: End-to-end support for your GRC solution being implemented and used in cloud, provided by a team of GRC and technical Experts. We help you to establish secure access to our hosted system and to solve infrastructure and network-related questions in the most efficient way. Benefits: One point of contact for all questions. Reduce your […]

July 2016: Riscomp Cloud – based PoC for CCM successfully completed.

Hosted by Riscomp SAP GRC system was connected to the customer`s ECC6 ERP environment for the proof of concept (PoC) purposes . 16 Continuous Control Monitioring Scenarios, mainly focusing on the revenue cycle (O2C – Order to Cash) as well as IT Change Management were implemented. 2 Scenarios were developed in the CCM ABAP Framework, […]

SAP FIORI – based GRC User Interface

Service: The SAP FIORI-based Interface is becoming more and more accepted by the SAP audience. Among them, GRC customers are also about to discover advantages of the user-friendly and mobile device-compatible FIORI apps for GRC. We can help you to design interfaces based on the standard FIORI Apps or to close gaps by developing custom […]

Implementation of Business Role Management

Service: We can assist you in extending your SAP Access Control-based processes through the Business Role Management application. We can help you with best practice configuration or with custom BRF Plus-based Role Methodology or Approver Rules. Composite, single, or business roles are supported. Benefit: Whether you are developing and enhancing your authorization concept or you […]

Definition of SoDs & Critical Access Risk Rules

Each and every company and its situation are unique – too unique to fulfill all relevant requirements with a standardized  SoD Matrix. The need for proper Segregation of Duties (SoD) Risk Definitions can start with compliance focus (risk reporting, remediation / cleanup and mitigation strategy), down to day-to day operations: ongoing provisioning of authorizations, roles […]

Ongoing GRC Application Support 2nd / 3rd level

Service: We can take over 2nd or 3rd level support for your SAP GRC Applications. Ongoing ticket-based troubleshooting, SAP OSS message processing, upgrades, enhancements or master data uploads can be offered in a flexible manner and under consideration of SLA / reaction time required. Benefit: From our technical GRC expertise and well-established connections to SAP, […]

Information Security Risk Management Process

Service: ISO27001-driven focus on Risk Management can be implemented based on SAP GRC solutions. ISMS (Information Security Management System) specifics such as data model (e.g. Consideration of IT Assets) or functionality / process (Exceptions to Policy, Incident / Event Management etc.) are considered. Benefit: Take full advantage of the five GRC efficiency drivers: 1. Automation […]

Ongoing security review & certification process

SAP Access Control is offering a wide range of intuitive workflow or reporting-based features helping to ensure, that: – Users have only roles which are being used. – Authorizations assigned to users are correct and are periodically confirmed by process responsibles. – SoD conflicts are proactively monitored and remediated by de-provisioning of non-used roles or […]