SAP unveils compliance products

Delivering on a promise made earlier this year, SAP has unveiled the first set of products to help businesses meet their compliance requirements, in addition to announcing a marketing agreement with Cisco Systems.

The three new governance, risk, and compliance (GRC) applications, based on SAP's new SOA (service-oriented architecture), offer companies help with repository, process control, and risk management functions, the Walldorf, Germany, company said Wednesday.

In May, SAP announced the creation of a new GRC business unit at its Sapphire customer event in Orlando. The unit was set up to develop new technology to help companies meet a growing list of compliance requirements, such as the Sarbanes Oxley Act (SOX), Food and Drug Administration (FDA) regulations for pharmaceutical companies, and Basel II regulations for the banking sector.

The SAP GRC Repository application documents and maintains GRC information in a single central system, including corporate policies and regulations, and will also store and link risk and control libraries to multiple control frameworks and international regulations. The centralization of GRC information simplifies risk management, increases transparency and cuts costs associated with GRC initiatives, according to SAP.

SAP GRC Process Control is designed to automatically aggregate business process risks for the entire company, provide supporting evidence of compliance and pinpoint control violations so that corrective action can be given a priority. The software integrates automated control monitoring for SAP and non-SAP applications.

To help customers implement collaborative risk management processes, the SAP GRC Risk Management application provides a thorough analysis of key business risks at multiple levels of the company, across organization entities, business process and IT infrastructure, according to SAP. It is designed to help professional risk managers and company owners identify financial, legal and operational risks, analyze business opportunities in light of these and develop appropriate responses.

SAP will sell all three products separately. The repository and process control applications will ship Nov. 30, with the risk management software product to follow in December.

In addition, SAP has signed a joint marketing agreement with Cisco that will target GRC business processes and IT control issues across the entire IT infrastructure, including the network and application layers.

Under the agreement, targeted at the U.S. and Canada, the companies will collaborate in sales and marketing activities, and provide complementary products that offer new levels of IT management and controls between Cisco's service-oriented network architecture (SONA) and SAP's three new GRC applications.

Further information about the products is available here.