Our team provides a combination of professional and technical knowledge which is essential for successful governance, risk & compliance implementations. Our consultants have been able to gain several years of experience in the „big four“ companies. This risk & compliance know-how is enhanced by a wide range of industry, process and technical SAP expertise.
We have the following certifications and degrees:
- SAP GRC Certified
- CPA (Certified Public Accountants)
- CISA (Certified Information Systems Auditors)
- CRISC (Certified in Risk and Information Systems Control)
- SAP consultant certifications for the modules MM, FI and CO
- University Master Degrees in Business Administration, Engineering, MSc in Accounting and Auditing, MSc in Risk Management and Financial Regulation.
Experience and know-how in
- External & internal Audit, IT-Audit.
- Internal control system implementations, operation and testing for SOX 404, JSOX, Swiss, German and other compliance regulations, FINMA, Basel & Solvency requirements.
- Implementations of and developments for SAP ERP (FI, CO, MM; SD), SAP GRC and SAP BI/BO solutions.
- Business processes in various industries: public services, banking, utilities, telecom, manufacturing, biotech etc.
- Validation of SAP GRC software.
RISCOMP’s main focus is project work. We know how to shape and run a project, evaluate risks and how to deliver solutions for our clients.
Maxim (CPA, CISA, CRISC) is a principal consultant and CEO of Riscomp GmbH. He has been head of the Riscomp experts team since 2010 and focusing on implementation of SAP GRC solution since 2007. He has been active in the SAP risk & compliance environment since 1999. He is also a lecturer for SAP Education (GRC330, GRC340, GRC100), author of specialist books on the subject and delivers speeches at numerous specialised conferences. Prior to Riscomp, Maxim worked for KMPG and Schenker AG. During his time at SAP AG, Maxim also contributed to the design and first implementations of SAP GRC solutions.
Moldir Abdikerim is a senior GRC consultant. She has been working in the BI, BO BPC and GRC environment since 2010, and provides substantial experience for GRC projects. Moldir is specialized in SAP process control, SAP risk management, and in new SAP HANA based GRC solutions. Within this area, she is an expert not only for the process and content implementation part, but also for integration with ERP, complex GRC enhancements as well as the development of customer specific dashboards with SAP BW and BO Tools. Degrees (among others): MSc in Risk Management and Financial Regulation, Queen’s University Belfast.
Vishal (CISA, CISM, CRISC) is a Senior Consultant with expert skills in SAP Security, GRC Access Controls, UI Data Security. He brings in more than 10 years of experience in enterprise security topics ranging from application security design to Data Privacy, anonymization and tokenization in SAP. Vishal is familiar with SOX-ICFR , GxP, FDA, FINMA regulated environments. He has provided managed security services and solutions in Swiss and German banking and pharma industry mitigating business risks and ensuring protection against cyber and advanced persistent threats.
Thomas (CISA) is a principal GRC and SAP security consultant with more than 20 years of professional experience. His main focus is the implementation, migration and review of SAP GRC AC (Access Control) solutions: user management (ARM/UAM/CUP), risk analysis (ARA), emergency access management (EAM/SPM formerly known as fire fighter) and business role management (BRM/ERM). He specialises in remediating audit findings and in transforming them into rules in order to avoid such audit findings in the future. He also teaches SAP courses ADM940, GRC300, GRC100 with SAP education. In addition to his GRC and security expertise, his risk & compliance profile is rounded off by assurance related experience: security audits, SOD / segregation of duties (analysis and realization), work in validated environments (GxP, FDA).
Maria has been working as SAP P2P, Security Specialist and Trainer since 2009. She has profound expertise in designing, implementing and rolling out authorization concepts for SAP ERP, IDM-based user provisioning as well as SoD and ITGC (General IT Controls) Compliance in SAP environments. Her main focus in our team is implementation of SAP Access Control and Riscomp Enhancement Packages for SAP Process Control / Risk Management.
Christian Spiegelburg has been working in the SAP environment since 2004 as senior consultant and has in-depth knowledge when it comes to GRC solutions. His main focus is on the technical implementation of SAP Process Control and SAP Risk Management. Christian specializes in planning and implementing the whole range of GRC data transformations and updates. He has gained his extensive know-how by working in the implementation and application support field for more than ten years. Our clients particularly appreciate his excellent support enablement skills. Christian worked for a “Big Four” company for three years.
Tatiana Knecht always keeps track of things at Riscomp, both concerning the big picture as well as the many details of each project. She is in charge of controlling, ordering of office supplies, time sheets, invoices etc. As our team assistant, she supports us swiftly and professionally concerning all administrative issues. Tatiana also liaises with external SAP AG partner management and various government agencies, as well as with external service providers, such as accountants and payroll service providers, to name a few.
GRC Freelance & Developers Network
We are in long-term partnerships with freelancers specialized in GRC as well as with companies certified for SAP NW Basis, SAP Fiori, ABAP and WebDynpro development. If required, we are able to resort to our reliable network in order to deal with our clients’ complex requirements in the most efficient manner. Riscomp accepts the liability and takes over the project management when third party experts are subcontracted.