After SAPPHIRE06 , i have always wanted to spend sometime better understanding the GRC (Governance, Risk-Management & Compliance) Model of SAP, As during SAPPHIRE06 the keynote speakers made it quite clear that in SAP all the compliances pieces are comprehensively available with their final acquisition of VIRSA,
Today, i spent sometime reading the white papers available on the site,this one started with what SAP termed the GRC Maturity Model, which is a suggested course/approach for all organizations chart through the murky waters of Governance, Risk-Management & Compliance.
GRC Maturity model explained:
phase 1: Blissfull Unawareness
Phase 2: Fragmented Implementation
Phase 3: Consolidation
Phase 4: Operational Excellence
This chart highlights the same, 
Phase 1:
management is unaware of the interdependencies of risk and governance and is focused only on the obvious, most critical mandatory compliance issues. Companies in this phase are often early start-ups and small, private businesses that are more concerned about staying afloat,This limited GRC awareness trickles down to employees and is reflected by little investment in tools and policies to support
GRC.
Phase 2:
The majority of organizations today fall into the fragmented implementation phase. For these companies, the pressures of local regulatory compliance issues, corporate governance demands, and dynamic business models usually result in disconnected, tactical approaches to these issues. However, there is a growing awareness among executive management that something must be done about the fragmentation of their governance, risk, and compliance initiatives.
Phase 3:
When your organization evolves into the consolidation phase, the GRC committee has developed and accepted a consistent GRC framework, senior management has committed to it, and your organization is ready to initiate a strategic change. Typically, one or two high-risk projects are selected to serve as pilots for the GRC framework.
Phase 4:
When your business has successfully transformed the way GRC is embedded into your culture and business processes, you are moving into the operational excellence phase. Characteristics of
GRC operational excellence typically include a balanced GRC view across all processes, projects, and objects; GRC ingrained at all organizational levels across the enterprise; and a common language and set of metrics for use with all initiatives.
Source: 1
Prashanth Rai
Addthis
Ask
Blinklist
del.icio.us
Digg
Fark
Facebook
Google
Lycos
Ma.gnolia
Mr Wong
Netscape
Netvousz
Newsvine
Reddit
StumbleUpon
Slashdot
Tailrank
Technorati
Wink
Yahoo
Vote for SAP Goverernace, Risk Mgmt & Compliance Approach Understanding:
|
Rating: 8.00 out of 1 vote(s) cast.
|
-
Online MBA Degrees - earn your mba degree online with one of hundreds of programs available at elearners.com
| RSS |  See all blog subscribe options |
 What is RSS? | |
| Yahoo! |
|
| Addthis |
|
| Bloglines |
|
| Newsletter | |
| Follow us on Twitter! |
