Governance, Risk & Compliance (GRC)

Reddyinfotech helps its clients with implementation and upgrade of SAP GRC system through implementing GRC version 10.1 and deploying CUP module to automate access request management and Process Controls. Our focus is on upgrading GRC systemand deploying SAP Access Control GRC 10.1 version. We will help with end to end access control services, namely the access control modules such as ARA( Access Risk Assessment), EAM ( Emergency Access Management) and ARM ( Access Risk Management). Implementing ARM involves deploying work flows for access Request, user access review and SOD review. Our GRC specialists have mastered in deploying GRC in 3-tiered environment (DEV, QAS and PRD). We implement SAP GRC Process Control version 10.1 replacing current IBM OpenPages solution with focus on identifying and implementing key elements of major GRC Process Controls, creating questionnaires and workflows and assist in data migration from OpenPages to Process Controls and automate and build automated controls. We also evaluate the use of configurable automated business process controls available in the SAP ECC environment; implement selected process controls that complement the overall internal controls strategy and configure the GRC application to continuously monitor the operating effectiveness of such controls by building SOX reports.

Business man pressing compliance button at his office. Compliance concept, toned photo.

Further, we implement Greenlight application and connectors to ECC, BW, BPC, PI, APO, SuccessFactors, and non-SAP systems (non-SAP systems may include AD access managed applications) and assist in the identification of standard Greenlight reports for SAP applications and assist with building custom reports for non-SAP systems. Lastly, we assist our clients with project management, change management and system related documentation for end users of Access Control (requesting access to SAP or a non-SAP system, manager and role owner approvals, requesting the removal of access to SAP or a non-SAP system, etc.) and Process Control (opening and completing a SOX test, attaching documentation to a SOX test, initiating quarterly reviews, etc.).

For further details, please call on our GRC experts by writing to info@reddyinfotech.