 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
||||||||
|
|
|
|
|
|
|
|
|
|
||||||||
  |
THOUGHT LEADERSHIP
|
 |
|||||
|
GRC Uptake in the Public Sector By
Sam Sliman In a post-Enron world, one might assume that governance, risk and compliance (GRC) solutions are most applicable for publicly traded companies scrambling to achieve Sarbanes-Oxley (SOX) compliance. However, SAP’s comprehensive portfolio of GRC solutions addresses issues that go far beyond SOX, or those exclusive to publicly traded businesses for that matter. In fact, a growing number of federal, state and local government agencies are tapping SAP’s GRC offering to tackle everything from anti-terrorism to data privacy. Just as public companies are responsible to their shareholders, government agencies are responsible to their constituents. Accountability, transparency, compliance and security are paramount to both. A rise in incidents of personal data stolen from government laptops; the heightened threat of terrorism worldwide; a spotlight on IT-related risk and security; and a strong emphasis on increasing efficiency and reducing costs at all government agencies has never been greater. SAP solutions for GRC deliver on all of these fronts. Take security. The Federal Information Security Management Act (FISMA), signed into law in 2002, requires each federal agency to develop, document, and implement an agency-wide information security program. In connection with FISMA, government agencies must comply with numerous security certification and accreditation (CA) mandates, which are designed to provide a form of quality control and impose a measure of responsibility and accountability on senior officials in charge of government agencies. Public outcry over security lapses, including high-profile breaches at the Veterans Administration (VA) and the Federal Trade Commission (FTC), among others, is reaching deafening levels. SAP GRC helps government agencies respond to this crisis, enabling agencies to establish an integrated framework of centrally managed GRC processes and information; providing agencies with a means to automatically monitor business processes and IT controls; and helping agencies implement collaborative, organization-wide risk management processes. Government agencies today are subjected to an unprecedented degree of scrutiny when it comes to possible inefficiency or waste. SAP GRC provides assistance on this front as well, improving key financial and related processes to enforce controls and realize significant cost savings; enabling agencies to do more with less while gaining important productivity advantages by creating processes that eliminate unnecessary and time-consuming steps; eliminating needless and costly errors by automating processes and ensuring that reporting and tracking are up to date and accurate. SAP has more than 1,500 public sector customers in 70 countries spanning the globe, and GRC will be increasingly adopted by government agencies as they strive for security compliance, performance excellence and, most importantly, the confidence of their constituents.
|
|
||||||
 |
|||
 |
|||
