Although some may BE tempted to discount the latest suite of products from SAP as just another governance, risk and compliance (GRC) offering, they would be wrong. With its launch in March of SAP GRC Access Control, SAP GRC Process Control, SAP Global Trade Services, and a new, integrated SAP GRC Risk Management and SAP GRC Strategy Management, SAP has moved as close as any vendor to a one-stop shop for GRC. "I'd say SAP is 80% of the way there," says Michael Rasmussen, former Forrester GRC tech guru and now president of GRC consultancy Corporate Integrity. "They still need something for managing documents and processes, but what's important about this latest portfolio of products is that SAP is delivering on its vision to [move away] from siloed products. They now have got one of the broadest packages out there."
Adds Lee Dittmar, a partner at Deloitte, SAP has made a "qualitative change" in the information management arena.
With the new financial performance suite, SAP has created an enterprise-wide "loop," notes SAP's Narina Sippy, senior vice president and general manager for GRC, which seamlessly ties risk management in with strategy, planning and operations. In the new suite, "strategy leads to planning and consolidation with profitability analysis that can then loop back to possible changes in strategy, planning or operations--all integrated with risk management," Sippy explains.
"With this suite, SAP has made the `R' bigger in `GRC'," says John Hagerty, vice president and research fellow at AMR Research. "That's what finance officers really want--to look at risk across the enterprise."
Says Jay Thompson, Atlanta-based practice leader of Protiviti Inc.'s enterprise information management operation, "SAP has a strategy built around the office of the CFO. That's where and why SAP's acquisition of Business Objects is a big deal."
"Our goal," says Jonathan Becher, chief marketing officer for SAP's Business Objects unit, "is to achieve business performance optimization."