I recently attended Vision 2012, IBM’s conference for users of its financial governance, risk management and performance optimization software. I reviewed the finance portion of the program in a previous blog. I’ve been commenting on governance, risk and compliance (GRC) for several years, often with the caveat that GRC is a catch-all term invented by industry analysts initially to cover a broad set of individual software applications. Each of these was designed to address specific requirements across a spectrum of users in operations, IT and Finance within a company, often to meet the needs for a specific industry such as financial services or pharmaceuticals. Vision 2012 covered a lot of ground under the GRC heading, confirming the breadth of both this software category and IBM’s offerings in it. I want to focus on two areas: automation of IT governance activities and effective management of GRC-related data.
Topics: Governance, GRC, Access Controls, identity controls, OpenPages, process controls, Operational Performance, Business Collaboration, Business Performance, Financial Performance, IBM, compliance, risk management, controls, IT controls
When the term “governance, risk and compliance” (GRC) was introduced almost 10 years ago, software for this purpose was not a real category but a loose grouping of disparate applications that had something to do with meeting the requirements of the recently passed Sarbanes-Oxley Act. (You can find my perspective on the GRC category from a couple of years ago here. Now, with the release 10.0 of SAP BusinessObjects GRC, SAP is taking another step toward making the software category a real, comprehensive one that addresses the business and IT requirements of risk and compliance management efforts. This is the first platform that enables companies to efficiently provision risk and compliance management at an elemental level (for example, to manage individual access controls and process controls) and – over time – to gain effectiveness benefits from having the ability to comprehensively manage compliance and risk.
Topics: SAP, GRC, Access Controls, IT Research, Operational Performance, Analytics, Business Intelligence, Business Performance, Financial Performance, Information Management, Chief Financial Officer, risk management, Corporate Governance, Governance Risk and Compliance