Governance, Risk and Compliance covers all legal, regulatory and compliance issues that today's large entities face. It is not focussed only on security and authorisations and is not a term unique to SAP customers.

This site is not meant to replace or duplicate any formal SAP publications but give an overview and an insight into the fast changing world of governance, risk and compliance with a focus on those customers who use SAP.

From SAP perspective there is a top down approach based on risk. Different customers will have different risk perspectives and will have varying requirements based on industry, risk tolerance and their level of corproarte govnernance.

Broadly speaking SAP categorizes the tools as:

Access Controls - Formerly known as the Virsa tools(Compliance Calibrator, Risk Enforcer, Role Expert and Firefighter)

Process controls - New automatic set of controls based on SAP business processes.

EH&S - Compliance with regaulations for emissions, disposal of assets in environmentally safe way, and in the management of chemicals, etc.

Global Trade Services - based on new trade regulations regarding export/import business.

Cisco SONA - SAP and CISCO's partnership to secure data transfer around networks.