The new risk management suite, SAP GRC 12.0 has been available since March 2018 and with its launch came a firm commitment from SAP that SAP GRC on-premise will see continued investment.
1. Improved user experience
Perhaps the biggest benefit of SAP GRC 12.0 is an improved user experience, which has been significantly improved from GRC 10.1.
This is partly because SAP has now included GRC in its broader strategy of moving towards mobile devices. So, you can now access the functionality and features of 12.0 through Fiori Launchpad, which at a stroke increases the accessibility of the suite to users across your organisation and ensures people can do what they need to do while away from the office. This promises to greatly speed up working practices, particularly as managers - wherever they are - can now immediately review and approve time-sensitive access requests.
And, along with enhanced access capability, the interface itself is now simpler, cleaner and more intuitive. Modules appear as tiles, and you can personalise your own Launchpad and use drag and drop to add, remove and sort apps.
Overall, the improved UX of SAP 12.0 will increase productivity and provide greater transparency - as all users now have faster and easier access to relevant information.
2. Easier user adoption
Although SAP GRC 12.0 is very much new and improved, functionality will be familiar to any user of SAP GRC 10.1 – making it easy to adapt to and understand. Although things may look different, it is designed to enable an easy transition, so there will be no vast manual to read, or endless rounds of classroom training to sit through.
At most, what is needed are brief release notes with simple step-by-step instructions introducing users to the key changes. In short, users can hit the ground running with 12.0 - meaning no costly bill for training or ongoing technical support.
3. Enhanced integration
Cloud applications are now supported via Cloud Identity Access Governance (Cloud IAG) in SAP 12.0. This an important milestone for the increasing number of SAP customers adopting SAP Cloud solutions such as Ariba, Fieldglass and Concur.
Now that Access Control 12.0 integrates with Cloud IAG, the Risk Analysis and User Provisioning processes can be catered for across SAP On-Premise and Cloud applications natively. There is also end-to-end integration with SAP SuccessFactors, as well as access analysis for the following:
- SAP Fiori Apps in SAP S/4HANA on-premise
- Emergency Access Management for SAP HANA database
- SAP Identity Management for centralised provisioning and business role management
- SAP SuccessFactors Employee Central Payroll
With more SAP customers looking to move to SAP S/4 HANA, it’s worth noting that
SAP has also introduced a new risk ruleset library for SAP Access Control for S/4. S/4 HANA has changed the authorisation model making transactions either obsolete or providing less detail, so this feature will provide some comfort for those migrating.
4. Better process optimisation
The move to SAP GRC 12.0 has included significant attention to some of the more resource heavy data synchronisation jobs. These have been re-developed to focus on improved performance and so includes more filters, inherent job splitting and improved control over the volume of data to be synchronised. The User Access Review data generation, repository sync and LDAP syncs in particular have been improved through this upgrade. In addition, a mass role methodology update means you can now re-apply the methodology for multiple roles at a time, and there is simplified Firefighter owner/controller maintenance.
5. Improvements to SAP Risk Management and SAP Process Control
With SAP GRC 12.0, more features are now available for Risk Assessment Workflow, Automated Aggregation improvements and Activity Validation Workflow. And with SAP Process Control, users can now trigger ad-hoc business rules for Continuous Control Monitoring Subprocess Design Assessment workflow.