State-of-the-Art GRC management process for Sonova

Company: For more than 70 years, Sonova has been producing the highest-quality hearing aids and successfully improving lives of thousands with hearing limitations. Innovative technology alongside perfect customer care is what makes this company one of the best in the medical devices sector.

Latest Achievements:

We are very excited to share the news that another, 3rd milestone in enhancing and replacing legacy GRC management processes was successfully achieved on February 28, 2020:

  • Existing users and authorizations management processes were re-engineered and successfully implemented, ensuring an automated and fully-compliant access provisioning and roles management process.
  • The Customized Views for Risk Analysis result ensured that business has a good understanding of risk causes, impact, and mitigation during access request submission and ad-hoc risk reporting.
  • A harmonized Delegation Functionality was customized, to ensure 100% integration of SAP Access Control and SAP Process Control components.
  • A Password self-service functionality was established.

Prior to this milestone, the following goals were achieved:

Sonova significantly improved its legacy Internal Control System by implementing SAP Process Control in 2018. Their new tool facilitates end-to-end ICS management process in their entire group of companies. Highlights of our SAP GRC implementation project are as follows:

  • End-to-End ICS management process based upon SAP Process Control functionality.
  • The Customized User Interface ensures maximum user acceptance.
  • SAP interactive forms by Adobe are leveraged to maximize all workflow-based activities.
  • Key ERP applications are integrated with SAP Process Control. Automated control scenarios accommodate around 400 control instances and cover ITGC, Finance, O2C and P2P processes.
  • Transactional scenarios leverage SAP HANA technology, ensuring high performance with minimum impact on SAP ERP applications.
  • On top of the usual ICS scope, the survey functionality is also used by Sonova’s Compliance Department during the recurring Compliance Risk Self-Assessment cycle.
  • Later in 2019, their legacy application supporting the SoD compliance and emergency access process was successfully replaced by SAP Access Control.

Whats Next:

Our efforts to help our customer maximize their SAP GRC platform investment are not yet finished. Over the coming months, we will be helping Sonova to upgrade their SAP GRC Suite, integrate further business applications, and continue optimizing SAP GRC operations.