Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
We've put together a comprehensive list of frequently asked questions - along with our responses - to the most common GRC and SAP security issues.
19 May 2023

Turnkey's takeaways from UKISUG Connect 2017

With three days of SAP peers under the same roof, the UK & Ireland SAP User Group (UKISUG) Connect conference is a key event in Turnkey’s diary.

The event provides strategic insight into the SAP ecosystem; hours of education and expert sessions (with something for everyone), combined with networking opportunities that, in our experience, are second to none.  It is also a welcome opportunity to spend quality time with existing customers. As always, there are some highlights of the conference and this post summarises our key takeaways.




GDPR compliance needs more than GDPR ‘experts’

As referenced in my pre-event blog, a key focus was the General Data Protection Regulation (GDPR).  It’s encouraging to see organisations taking it very seriously, and interesting to note the increased interest in SAP’s GRC (Governance, Risk and Compliance) Process Controls tool as a result (usually it’s Access Controls which gets the airtime at this event).


But while there is now widespread acknowledgement of the issue, it’s concerning that many enterprises haven’t yet done much preparation work, despite the deadline being less than six months away.


UKISUG also confirmed our observation that there seem to be a lot of newly-positioned ‘experts’ hitching a ride on the GDPR bandwagon. To our mind, the need for data protection and internal controls in the SAP environment is nothing new; GDPR is the latest piece of legislation. Its draconian penalties and the lack of clarity about how it will be played out have brought GDPR to the attention of the mainstream, but working with it requires solid compliance expertise, built up through in-depth experience. 

New Call-to-action


Disruptive technologies support risk management

Two keynotes stood out, both presented by Constellation Research’s Ray Wang, a compelling speaker.  A fireside chat with Hala Zeine from SAP, Moving to the New World, on Monday looked at the hype around digital transformation, and how this can and should be linked back to achievable business transformation.  Under the banner of collaboration, it explored various disruptive technologies including artificial intelligence (AI), the Internet of Things (IoT) and machine learning.


My takeaway, in addition to the commoditisation of data, was how SAP technology is being tied back into end-to-end processes, extending these beyond the retailer to connect manufacturers directly to the consumer. This is challenging these businesses to re-invent their processes to be more customer-centric. From a GRC perspective this approach resonates with the way that we are seeing risk information integrated into business processes to inform decision making, for example in the digital boardroom.




When the machines take over: new supply chain models

On Tuesday Ray looked at the highly topical issue of What happens when the machines take over?.  With AI, machine learning and cognitive computing no longer the sole preserve of science fiction, he discussed their impact on workforces, consumers and organisations.


Some of the themes covered reminded me of Michael Braungart and William McDonough’s ‘Cradle to Cradle’. This book explores the way we are reinventing the how we make things, building recycling and reusability into our manufacturing processes and removing in-built obsolescence from industrial design. The authors put this model forward as the only way for society to be truly eco-friendly. A key theme – which was picked up in Ray’s keynote - is the concept of manufacturers moving away from the creation of products and towards the delivery of services.


Very simply, under this premise a company that previously manufactured and sold washing machines for example will now see itself as providing a home cleaning service for clothes.  This requires it to ensure the consumer has a fully-operational washing machine at all times. The supplier automatically replaces parts as they wear out or fail; the user does not have to be involved – or ever buy a new washing machine.


This is a really interesting shift because it moves away from products being designed to eventually require a replacement to be purchased.  Instead, it’s in the supplier’s interests to make or provide items that are as robust as possible.


At its most basic level, the focus is on making things as efficient as possible which, on a day-to-day basis, links back to the work that we do with controls automation. I also saw interesting parallels with our Bedrock service where we are striving to deliver the desired outcome for the customer on a longer-term basis, rather than install a product that may or may not function as desired once we leave.




Keeping a finger on the (SAP) pulse

UKISUG Connect combines practical insight with thought-provoking discussions on all things SAP and a chance to share knowledge and learn from others’ experience. 


As the pace of technological change continues to increase at exponential speed, the SAP community should be engaged with events of this nature, while SAP users need to drive the agendas that are key to their businesses.