Reducing the Total Cost of SAP Compliance with 2nd Generation GRC Solutions
Upcoming SlideShare
Loading in...5
×
 

Reducing the Total Cost of SAP Compliance with 2nd Generation GRC Solutions

on

  • 1,898 views

2nd generation GRC Solutions runs inside SAP with no incremental infrastructure investment and reduced time to ROI. It provides "Embedded Compliance" - audit reporting data and decreased annual ...

2nd generation GRC Solutions runs inside SAP with no incremental infrastructure investment and reduced time to ROI. It provides "Embedded Compliance" - audit reporting data and decreased annual software maintenance.

Graham Packaging is one of the companies that has seen the benefits of implimenting the 2nd generation GRC first hand.

Statistics

Views

Total Views
1,898
Views on SlideShare
1,897
Embed Views
1

Actions

Likes
0
Downloads
51
Comments
0

1 Embed 1

http://www.docshut.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Reducing the Total Cost of SAP Compliance with 2nd Generation GRC Solutions Reducing the Total Cost of SAP Compliance with 2nd Generation GRC Solutions Presentation Transcript

  • Reducing the Total Cost of Compliance with 2nd Generation GRC Solutions Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Introducing… Dan Wilhelms President – SymSoft Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About SymSoft • Makers of Governance, Risk and Compliance (GRC) solutions for SAP environments • Spin-off of Milwaukee-based Symmetry Corporation • 14 years of technical implementation solutions for the SAP and Enterprise Security marketplace • One of the largest dedicated SAP Basis consulting organizations in the U.S. - 200 SAP implementations and over 90 SAP Basis and security managed services customers • 10 years of software development and marketing experience • Previous reseller of Virsa, and SAP GRC integrator • SAP Certified Hosting Partner Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About SymSoft • Developers of value added software solutions for SAP technical operations • Q-TMS – Automation and tracking of SAP Change Request (transport) processing • RBE – SAP Reverse Business Engineering analytics • Password Manager – Re-sync SAP passwords across all SAP landscapes • Numerous proprietary utilities for SAP security administration Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Agenda • The Current State of GRC • Components Affecting the Total Cost of Compliance • Beyond Compliance – Considering the “G” and the “R” • Graham Packaging Case Study • About ControlPanelGRC • ROI calculator Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • The Current State of GRC • In the wake of SOX, many enterprises • Purchased expensive “1st generation GRC solutions • “Toughed it out” with manual compliance operations • Mixed satisfaction with 1st generation solutions • High price, high implementation costs, high TCO • High maintenance fees, upgrades required • Often “Shelfware” • Lack of day to day, “meat & potatoes” utility Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • The Current State of GRC • Auditors trending towards broader IT audits • Taking a broader view of Controls – Beyond SODs • Getting more application savvy • Many enterprises simply can’t afford an upper 6 figure solution • Increasing audit requirements at odds with tight economy Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Agenda • The Current State of GRC • Components Affecting the Total Cost of Compliance • Beyond Compliance – Considering the “G” and the “R” • Graham Packaging Case Study • About ControlPanelGRC • ROI calculator Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Components Affecting the Total Cost of Compliance • Purchased software license fees • Annual software maintenance • Infrastructure investments • Implementation costs • On-going infrastructure administration • Annual audit preparation and reporting • Opportunity cost – what you can’t do Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Purchased Software License Fees • 1st generation GRC solutions priced in upper 6 figures • Exploit the gold rush into compliance • 1st generation GRC solutions often “wrapped and rolled” into larger ERP purchases • Resulting in GRC “Shelfware” • “Give away the razor and make it up on the blades” • Often access to full functionality requires expensive upgrades • 2nd generation GRC solutions are priced 50-75% less than 1st generation solutions Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Annual Software Maintenance • The “blades” for the razor • 1st generation solutions often $60-80K per year • Whether “Shelfware or not” • 2nd generation GRC solutions can often be justified on avoiding 1st generation annual software maintenance fees alone! Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Infrastructure Investments • 1st generation GRC solutions require purchasing and implementing dedicated servers and infrastructure • Often $200K or more • Additional line items on asset and depreciation tables • Another headache for IT infrastructure staff • 2nd generation solutions run inside SAP with no incremental infrastructure investment • Existing infrastructure investments supporting 1st generation GRC solutions can be retired or redeployed • Investing in new infrastructure can be avoided Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Implementation Costs • 1st generation solutions usually require multi-month implementations • Major project, major distraction • Usually “Integrator led” implementations • 2nd generation GRC implementations measured in days • Projects can be led by internal IT staff with on-call remote vender support • Projects can be “trickle in” implementations vs. “big bang” • Time to ROI significantly reduced Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • On-going Infrastructure Administration • 1st generation GRC solutions running on dedicated servers require on-going IT administration • Server administration - monitoring and maintenance • Data backup and tape operations • 3rd party break/fix contracts • 2nd generation GRC solutions are “zero foot print”. With no dedicated server infrastructure, there is no on-going incremental infrastructure administration costs • Net reduction in complexity of IT support operations Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Annual Audit Preparation and Reporting • With manual or semi-automated processes, annual audits can become annual “root canals” • IT staff irritated by having to manually extract and prepare data • Internal audit viewed as interruptions, not value add • Time and money diverted from innovation • External audit costs increased • Audit preparation can be lengthy, distracting, and expensive – can take months Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Annual Audit Preparation and Reporting • Manual or semi-automated controls tend to attract more scrutiny • Day-to-day repetitive, tedious tasks often take longer due to GRC requirements • User and Role provisioning • Transport management • Batch management Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Annual Audit Preparation and Reporting • 2nd generation GRC solutions provide “Embedded Compliance” - audit reporting data is captured automatically as part of automated business processes • Audit data is available real-time, ad hoc • More audit data becomes “self-service” to auditors, and more importantly business process owners and executives • Broader breath of scope of 2nd generation GRC solutions address increasingly broader audit scrutiny • Cost of audit preparation reduced by 75% • Less time operating the business – More time improving the business Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Opportunity Cost • Any hour spent proving what you did is an hour not spent improving what you are going to do • Budget spent on compliance is budget not spent on innovation • Performing manual IT operations tasks while performing manual or semi-automated audit compliance tasks represent a double whammy • 2nd generation GRC solutions automate repetitive manual tasks with embedded compliance to capture data to automate audit compliance tasks Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Agenda • The Current State of GRC • Components Affecting the Total Cost of Compliance • Beyond Compliance – Considering the “G” and the “R” • Graham Packaging Case Study • About ControlPanelGRC • ROI calculator Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Beyond Compliance • In the wake of SOX, the focus was on demonstrating compliance • Focus shifting to reducing the on-going Total Cost of Compliance • Leveraging the GRC investment for competitive advantage • Truly reducing risks • Not just theft and fraud, but mistakes and inconsistencies • More manageable business processes • Appropriate, visible controls – key to management dashboards • Automating manual tasks • Using GRC as the engine to drive change Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Beyond Compliance • Shifting from the “C” to the “G” and the “R” in GRC • Any enterprise, regardless of size, can benefit from implementing a 2nd generation GRC solution • Less time operating, more time innovating • More manageable operations • Lowering costs • Driving change • Optimizing business processes • Increasing business agility Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Agenda • The Current State of GRC • Components Affecting the Total Cost of Compliance • Beyond Compliance – Considering the “G” and the “R” • Graham Packaging Case Study • About ControlPanelGRC • ROI calculator Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Graham Packaging Case Study • Global leader in the design, sale and manufacture of value-added, custom molded plastic containers • Based in York, Pennsylvania • Employs 7,500 people at 80 plants spread across 16 countries • Privately held, but registered with the Securities and Exchange Commission (SEC) Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Graham Packaging Case Study • Challenges • Using expensive 1st generation GRC product • Limited to SOX compliance and SOD • Leveraging just one-quarter of functionality • Big implementation project facing company from time/expense perspectives Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Graham Packaging Case Study • Solution • ControlPanelGRC significantly less in cost • Easy to implement and easy to use • Quicker time to value or time to benefit of entire toolset • Payback significant • Automation of master data transport Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Graham Packaging Case Study • Results • Saving significant amount of money • Saving one week’s time in audit preparation • Automated reporting satisfies external auditors • Reduces repetitive tasks 50% now • More IT people using solution, becoming more resourceful • Less dependence on security personnel • ROI in less than 12 months Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Agenda • The Current State of GRC • Components Affecting the Total Cost of Compliance • Beyond Compliance – Considering the “G” and the “R” • Graham Packaging Case Study • About ControlPanelGRC • ROI calculator Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About ControlPanelGRC • ABAP based software solution “Built by GRC professionals for GRC professionals” • Integration of existing SymSoft technology and new functionality • 7 modules sold separately or full suite • Broad functionality – Beyond SODs • Change management, Batch management, application and security administration, numerous business process accelerators • Powerful workflow engine automates routine administrative tasks Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About ControlPanelGRC • “Embedded compliance” • Audit/compliance data is captured automatically • Reporting becomes a by-product • Whole new price point • 1/3 the cost of 1st generation solutions • Opens the market to smaller publically traded and privately held regulated enterprises (Pharmas, FDA) Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About ControlPanelGRC • ControlPanelGRC Modules Maps to Business Processes: • Risk Analyzer - Analysis of Segregation of Duty and Sensitive Authorization risks • Emergency Access Manager (formerly SymSoft Fire Call) – Temporary authorization and tracking to troubleshoot production issues • User and Role Manager – Automated workflows to accelerate day-to- day SAP security administration. Numerous practical accelerators • AutoAuditor - Automated execution and delivery of compliance reports – documented review Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About ControlPanelGRC • ControlPanelGRC Modules Maps to Business Processes: • Transport Manager (formerly SymSoft Q-TMS) - Automates the Change Request process via a workflow that maintains an audit trail • Batch Manager – Compliant management, approval, documentation and monitoring cross- system Batch Jobs • Usage Analyzer (formerly SymSoft RBE) – Tracking and reporting or actual system usage. License Optimization Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • About ControlPanelGRC Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Agenda • The Current State of GRC • Components Affecting the Total Cost of Compliance • Beyond Compliance – Considering the “G” and the “R” • Graham Packaging Case Study • About ControlPanelGRC • ROI calculator Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • ROI Calculator 1st Gen. Solution - 1st Gen. Solution - 2nd Gen Cost Area Previously Purchased New Purchase Solution Initial Software License $0.00 $500,000 $125,000 Upgrade fees $100,000 $0 $0 3 years annual maintenance $240,000 $330,000 $60,000 Dedicated servers and infrastructure $200,000 $200,000 $0 New implementation costs $0.00 $75,000 $25,000 Incremental costs to fully implement $75,000 $100,000 $25,000 3 years annual IT admin and support $30,000 $30,000 $0 3 years annual cost of audit $120,000 $120,000 $30,000 preparation and reporting Opportunity Cost - Intangible TCO - Next 3 years $765,000 $1,355,000 $265,000 Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • Wrap Up • Auditors trending towards broader IT audits • Focus moving from compliance to managing the Total Cost of Compliance • 2nd generation GRC solutions are priced 50%-75% less than 1st generation software • Savings on maintenance fees alone offers compelling reasons to consider 2nd generation solutions • New solutions offer embedded compliance and automation of repetitive tasks • ControlPanelGRC driving better business execution, not just demonstrating compliance Professional Solutions for Compliance Automation www.ControlPanelGRC.com
  • For ControlPanelGRC case studies, articles, and archived webinars please visit www.controlpanelgrc.com Thank you! Professional Solutions for Compliance Automation www.ControlPanelGRC.com