You may have invested in Approva, now Infor Risk and Compliance (IRC), in the last year or in the last decade, maybe even when it was still called BizRights. You probably bought the tool as a quick plaster for the SOX wound, a rapid response to demonstrating you had user access control, under control…

Is your current implementation still the best route to cost effective compliance and value creation? Are you on the right track to successful GRC outcomes?

As a Governance, Risk, Controls & Compliance stakeholder, have you asked yourself the following questions:

• Segregation of Duties (SoD) and Sensitive Access (SA) perspective:
  • Are you getting the information you need, efficiently and in a timely manner such that business management, risk & control and your auditors can rely on it?
  • Is your end to end process for SoD an efficient, well-oiled machine or a rusty relic that has not been maintained?
  • Are you addressing all relevant applications, from your core ERP to the feeder systems, new SaaS capabilities to your legacy applications?
  • Have your considered your ERP roadmap and new components and applications?
• User Access Control perspective

• Do you have a process for ensuring that all joiners, movers and leavers are coherently processed through the systems, including subcontract and temporary staff?
• Can you be sure that staff who have left the organization no longer have any access to systems and services?
• Do you have a periodic automated assessment of user access rights by department, operating company and business unit?
• Do you systematically ensure that all new access requests are checked for policy compliance, subject to an auditable approval cycle, and automatically updated into the key systems?

• Data Analytics/Transaction Monitoring perspective:
  • Do you automatically monitor execution of sensitive transactions or combinations to identify and prevent error, waste, and fraud?
  • Do you monitor master data to ensure acceptable levels of data quality to optimize process efficiency and prevent error, waste, and fraud?
  • Do you automatically report on insufficiently segregated duties when offending combinations of activities are performed, as a compensating control?
  • Do you provide transaction level monitoring and analytics to highlight areas of potential business process improvement to enhance operating efficiency?
• GRC tools and process perspective:
  • Is your current compliance tool implementation still giving you what you need as a business and are you getting value for money?
  • What is GRC best practice for your business operating model and systems landscape?
  • Have you integrated your financial control and compliance (ICFR) monitoring into a broader vision for Enterprise Risk Management?
  • Do you have an effective framework that allows you to manage the multiple dimensions of GRC success across stakeholder management, progress reporting, process optimization, skills and business service management as well as technology?

Our panel of experts tackled questions and issues and provided answers by covering the following agenda:

• What is new in the GRC environment – do tools help?
• Am I on the right track?
• From Compliance to Enterprise Risk
• Experiences and Customer Case Studies
• IRC Status Update & Outlook – What’s New?
• What are my options and what is best practice across the industry?
• Critical success factors/Best Practices – ensuring your value for money

We shared our insight, best practice experience and customer case studies to help you benchmark your capability, get the most from your investment, and assess the signals to determine the right track for you.

Our panel hold a collective 30 years experience in Governance, Risk and Compliance and Continuous Controls Monitoring with ERP experience in SAP, Oracle, Infor, Microsoft and others.

To access the recording of the webcast, please enter your details below:

[optinlocker ref_page=„approvaNA”]

[/optinlocker]