Erin Hughes GRC Solution Marketing - SAP · PDF fileGuides and educational material speed end user adoption ... consultants in SAP GTS and SAP HANA ... Erin Hughes GRC Solution Marketing

SAP Rapid Deployment Solutions for

Governance, Risk, and Compliance Erin Hughes

GRC Solution Marketing

© 2012 SAP AG. All rights reserved. 2

Agenda

What are SAP Rapid Deployment Solutions (RDS)?

What RDS are available today for the SAP GRC solutions?

Where can I learn more?


Today’s reality…

“Statistics state that up to 70% of IT projects run late, over-budget, or do

not meet planned goals…Consequently, implementation risk is a

critical factor…”

From “Introducing Packaged Solutions” by Michael Krigsman

"Customers today want choices in how they scope, configure, and

deploy business software."

Peter M. Russo, Managing Director of Pierre Audoin Consultants

„Now when companies think about implementing an application, they

really want to implement an integrated solution“

Henry D. Morris, Senior Vice President of Worldwide Software and

Services, IDC


You want to…

… ensure the most predictable and

fastest time to business value

… deliver the integration the

business demands to start and grow

without compromises

… choose from a modular ready to

use portfolio of solution, deployment

and pricing options


SAP and a Global Partner Ecosystem offer Rapid

Deployment solutions to meet specific business needs…

Software Quickly address the most urgent business

processes

Content SAP best practices, templates and tools

make solution adoption easier

Enablement Guides and educational material speed end

user adoption

Service Fixed scope and price provides maximum

predictability and lowers risk

SAP RAPID DEPLOYMENT

SOLUTIONS

Service

Software

Enablement

Content


… which allow predictability, out-of-the-box integration

and adoption choices as business demands

6

Predictability Fast value in days/weeks

Fixed cost and fixed best practice scope

Integration Integrated start and growth options

Immediate and future IT and business

processes landscape integrity

Choice Modular packages to meet specific

business needs and allow individual

adoption paths

Flexible licensing and deployment options

SAP RAPID DEPLOYMENT

SOLUTIONS


What do SAP Rapid Deployment Solutions mean for you?

Time-to-market of

new business

capabilities

Rate of change

of TCO

Reduction

Ratio of service

versus

license costs

Ratio of successful

and

failed projects

Ratio of initially defined versus

delivered project scope

Ratio of IT budget

versus revenue

http://imagedirectory.wdf.sap.corp:6085/ImageLibrary/ImageDetailsView?imageId=ee375175-dde1-4029-aa1d-28a9cf625079

http://imagedirectory.wdf.sap.corp:6085/ImageLibrary/ImageDetailsView?imageId=7afb74b6-bf58-4be9-95d9-e1654d67cba3

http://imagedirectory.wdf.sap.corp:6085/ImageLibrary/ImageDetailsView?imageId=9c1f811d-8f61-4817-b836-b97bfa3cdeee

http://imagedirectory.wdf.sap.corp:6085/ImageLibrary/ImageDetailsView?imageId=f386ae0b-d640-4ced-b096-93762a33e799

http://imagedirectory.wdf.sap.corp:6085/ImageLibrary/ImageDetailsView?imageId=743fd895-1c92-4b4c-9173-ca7c87e755b3

http://imagedirectory.wdf.sap.corp:6085/ImageLibrary/ImageDetailsView?imageId=a0f4ecff-23d7-458a-a9dc-dae152639974


Agenda





SAP® Access Control

Reduce access risk and

fraud

Reduce the cost of access

management

Reduce the cost of ongoing

compliance activities

Automatically detect and

remediate access risk

violations

Streamline requests for multiple

systems and embed

preventative compliance

checks

Automate compliance reviews of

segregation of duties, critical

access, and superuser privileges


SAP® Access Control

Closed-loop emergency access management 2 1

Streamlined user access management 3 SAP Access Approver mobile app 4

Integration with IdM systems 5 Comprehensive business role management 6

Automated periodic access reviews 7 Embedded SAP BusinessObjects reporting 8

Unified compliance platform 9 Rapid Deployment Solution (RDS) 10

Automated, real-time access risk analysis


SAP® Access Control Rapid Deployment Solution - live in

approximately 7 weeks


Closed-loop emergency access management

Streamlined user access management

Comprehensive business role management


Technical Requirements

Software requirements

SAP BusinessObjects Access Control 10.0 SP05 or SP07

SAP GUI client

SAP Solution Manager 7.1

SAP ERP 6.0 Application Server ABAP

SAP Best Practices Add-on

• BP-CANW 702V[xy]

• This Add-On contains the SAP RDS technical framework (e.g. BC-Sets, eCATTS, print programs)

• BP-SOLBLD 70V[yz]

• This Add-On contains the SAP Best Practices solution builder program


SAP® Access Control Rapid Deployment Solution –

Solution Scope







Solution Scope

•Upload the rule set with sample data

•Sample mitigating controls

•Sample data for risk owners

•Pre-configured mitigating control workflow




Solution Scope

•Sample firefighter IDs

•Sample owners and controllers

•Pre-configured log report workflow




Solution Scope

•Pre-configured provisioning workflows

•Pre-configured user access review workflow




Solution Scope

•Sample business role

•Pre-configured business role approval workflow

•Role derivation



What does SAP deliver? What do you have to do?

• Hardware Sizing

• Installation SAP BusinessObjects Access Control

10

• Business requirements

– Rule set

– Mitigations Controls

– User Assignment

• Testing

Key deliverables

• Installation check

• Workshop to confirm the pre-defined

requirements

• Project documents: Work Breakdown

Structure including a project schedule, Test

Scripts and Scoping Questionnaire

• Activation and Unit Test of chosen

packages for the SAP BusinessObjects

Access Control rapid-deployment solution

in the development system

• Knowledge transfer to key users on

configured SAP BusinessObjects Access

Control rapid-deployment solution system

• Support for going live


More on Services…

19

Prepare Project

Kick off workshop

Select Options

Check Installation

SAP involvement Customer involvement

Start Run Deploy 1 3 2

Activate Solution

Confirm Solution

Acceptance

Testing

Train Key Users

Set up

Customer Data

Transport

End-user Training

and Organisation

Change Management

Prepare Production

Project Sign-off

&Support

Note: This slide represents a typical deployment. Exact details may differ according to solution.


Pre-defined Services for Rapid Deployment Solutions


Project management

Kick-off workshop participation

Preparing technical infrastructure

Accelerators / Deliverables Consulting Delivery Guide Project schedule WBS

Service Delivery Model, roles and responsibilities

Request for consultants template Process descriptions Process-flow-documents Kick-off presentation Consumption Guide Pre-delivery requirements and

checklist


Solution Realization

Master Data Load

Refinement Workshop &

Refinement Realization

Knowledge Transfer to Key Users

Accelerators / Deliverables Installation guide

Solution Documentation

Solution Manager content

Best-Practices content

(pre-configuration)

Configuration activities

Consulting Delivery Guide

Implementation Content

Performance Tests

End User Training

Sign off of solution

Go-Live Preparation

Go-Live

Post go-live support and activities

Improvements and road map

workshop

Accelerators / Deliverables Test cases

Deliverable acceptance forms

Training Materials –

Process-flow recordings etc.

Go-Live Checklist

Your path to Go-Live: fast, efficiently and at predictable cost

Fixed-price Implementation Services

Pre-defined Project Methodology

Ready-to-use Accelerators


Agenda





In-Memory Computing Product “SAP HANA” SAP High Performance Analytic Appliance

SAP HANA

SAP

Business

Suite

SAP BW

3rd Party

replicate

ETL

SAP HANA

modeling

BI Clients

SQ

L

MD

X

BIC

S

3rd Party What is SAP HANA? SAP HANA is a pre-configured appliance that

includes in-memory software bundled with

hardware

Includes tools for data modeling, data and life

cycle management, security, operations, etc.

Provides support for multiple interfaces

HANA’s Capabilities Analyze information in real-time at

unprecedented speeds on large volumes of non-

aggregated data.

Create flexible analytic models based on real-

time and historic business data

Foundation for new category of applications

(e.g., planning, simulation) to significantly

outperform current applications in category

Minimizes data duplication


Sanctioned Party List (SPL) Screening

1) Who am I doing business with? 2) Who is visiting my facilities? 3) Who do I have working for my organization

including contractors?

Individuals and companies are prohibited or restricted from providing services or

goods of any kind to any party shown on DENIED or RESTRICTED PARTY lists.

Examples of Denied / Restricted Party Lists

• Embargoed or terrorist denominated countries by national governments

• United Nations Security Council embargoed countries

• Restricted Parties Lists

• Department of Commerce Entity List

• Office of Foreign Asset Control (OFAC) List

• Denied Parties

• Commerce Dept. Denial List

• Treasury Dept. Specially Designated Nationals

• Treasury Dept. Money Laundering Concerns

• State Dept. Chemical & Biological Weapons Concerns

• Parties of Concern

• United States Unverified List/ Red Flag Concerns

• United Kingdom Proliferator Concerns

• Japanese Proliferator Concerns

• European Union Sanctions List

• United Nations Sanctions List

• US Presidential memorandum “Enhancing payment accuracy through do-not-pay-list”


Challenges to Sanctioned Party List analysis insight

Process Performance

Business performance is impacted by poor reporting

• Audit Trail

• Blocked Business partners

• Blocked Documents

• Incomplete Documents

Data volumes

High volume of Business Partners and Documents

regular / periodic update of Sanctioned Party List from

Government Agencies / Data Providers

Speed of analysis and reporting

■ Delay in access to Audit trail data in a timely manner,

leading to Business Operational issues and financial

risks involved with imports and exports.

Yet…

Challenging times mean ever pressing

needs

■ In these times of austerity, access to trusted, timely,

accurate and detailed list of Approved/Sanctioned

Business Partners / Documents could make the

difference between corporate success or failure


System requirements

Software requirements

SAP GRC GTS 10.0 - SP10 - Note: 1664530

HANA 1.0 SP03

NW release 7.00 or higher


SAP GTS rapid-deployment solution for SPL analysis with SAP HANA

Accelerate SPL analysis Performance and

Efficiency

■ Real time access to massive amounts of screened

SPL data (blocked partners, documents)

■ Accelerated run-times for Audit trails (SPL logs)

■ Rapid, non-disruptive deployment of the solution

■ Accelerated check of reports / Screened data /

logs using SAP HANA as a secondary database

Unlock opportunities to maximize

performance

■ Accelerated access to screened SPL data

■ Accelerated access to Incomplete documents ,

Audit trail , blocked Business Partners and blocked

documents


What does SAP deliver? What does the customer have to do?

SAP GTS SPL configured

Provide the IT infrastructure

Provide fixed contact people in the business and

IT departments

Provide user and sufficient authorizations for

consultants in SAP GTS and SAP HANA

Performance and integration testing

Data Upload (File from 3rd party data provider)

End-user training

Acceptance Testing

Change Management

Post Go-live support

Key deliverables

Check of installation and frontend

Initial scoping workshop to understand and cover

your requirements

Project documents: Work Breakdown Structure

including a project schedule, Test Scripts and

Scoping Questionnaire

Activation and Unit Test HANA GTS SPL

Accelerator

Rapid-deployment solution in the development

system

Knowledge transfer to key users and

documentation on configured HANA GTS SPL

Accelerator

Assistance with transferring the solution to the

productive system

Support for going live


More on Services…

28

Prepare Project

Kick off workshop

Select Options

Check Installation

SAP involvement Customer involvement


Activate Solution

Confirm Solution

Acceptance

Testing

Train Key Users

Set up

Customer Data

Transport

End-user Training

and Organisation

Change Management

Prepare Production

Project Sign-off

&Support



Pre-defined Services for Rapid Deployment Solutions


Project management

Kick-off workshop participation

Preparing technical infrastructure

Accelerators / Deliverables Consulting Delivery Guide Project schedule WBS

Service Delivery Model, roles and responsibilities

Request for consultants template Process descriptions Process-flow-documents Kick-off presentation Consumption Guide Pre-delivery requirements and

checklist


Solution Realization

Master Data Load

Refinement Workshop &

Refinement Realization

Knowledge Transfer to Key Users

Accelerators / Deliverables Installation guide

Solution Documentation

Solution Manager content

Best-Practices content

(pre-configuration)

Configuration activities

Consulting Delivery Guide

Implementation Content

Performance Tests

End User Training

Sign off of solution

Go-Live Preparation

Go-Live

Post go-live support and activities

Improvements and road map

workshop

Accelerators / Deliverables Test cases

Deliverable acceptance forms

Training Materials –

Process-flow recordings etc.

Go-Live Checklist

Your path to Go-Live: fast, efficiently and at predictable cost

Fixed-price Implementation Services

Pre-defined Project Methodology

Ready-to-use Accelerators


Agenda





Resources

SAP Rapid Deployment Solutions

• SAP Rapid Deployment Solutions on SAP.com

• SAP Rapid Deployment Solutions on Service Marketplace

• SAP Rapid Deployment Solutions on Ecohub

• SAP Rapid Deployment Solutions on PartnerEdge

SAP GRC Rapid Deployment Solutions

• SAP Access Control RDS on SAP Service Marketplace

• SAP GTS SPL with HANA RDS on SAP Service Marketplace

http://www.sap.com/rds/index.epx

http://service.sap.com/solutionpackages

http://ecohub.sdn.sap.com/irj/ecohub/solutions?query=rds

https://websmp204.sap-ag.de/~form/sapnet?_SHORTKEY=01100035870000733923&_SCENARIO=01100035870000000192&_ADDINC=&

https://websmp210.sap-ag.de/rds-grc-ac

Questions?

Thank you!

Contact information:

Erin Hughes

GRC Solution Marketing

[email protected]

© 2012 SAP AG. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without pr ior notice.

Some software products marketed by SAP AG and its distributors contain proprietary software c omponents of ot her software vendors.

Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation. IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, System z9, z10, z9, iSeries, pSeries, xSeries, zSeries, eServer, z/VM, z/OS, i5/OS, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server, PowerVM, Power Architecture, POWER6+, POWER6, POWER5+, POWER5, POWER, OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex, MVS/ESA, AIX, Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix ar e trademarks or r egistered trademarks of IBM Corporation.

Linux is the registered trademark of Linus T orvalds in the U.S. and other countries.

Adobe, the Adobe logo, Acrobat, PostScript, and Reader are ei ther trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries.Oracle is a registered trademark of O racle Corporation.

UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group.

Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or r egistered trademarks of C itrix Systems, Inc.HTML, XML, XHTML and W3C are trademarks or registered trademarks of W 3C®, World Wide Web Consortium, Massachusetts Institute of Technology.

Java is a registered trademark of Oracle Corporation.

JavaScript is a registered trademark of Oracle Corporation, used under license for technology invented and implemented by Netscape. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, and other SAP products and services mentioned herein as well as their respective logos are t rademarks or registered trademarks of SAP AG in Germany and other countries.

© 2012 SAP AG. All rights reserved

Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or r egistered trademarks of Business Objects Software Ltd. Business Objects is an SAP company.

Sybase and Adaptive Server, iAnywhere, Sybase 365, SQL Anywhere, and other Sybase products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Sybase, Inc. Sybase is an SAP company.

All other product and service names mentioned are the t rademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may var y.The information in this document is proprietary to SAP. No part of this document may be reproduced, copied, or transmitted in any form or for any purpose without the express prior written permission of SAP AG.

This document is a preliminary version and not subject to your license agreement or any other agreement with SAP. This document contains only intended strategies, developments, and functionalities of the SAP® product and is not intended to be binding upon SAP to any particular course of business, product strategy, and/or development. Please note that this document is subject to change and may be changed by SAP at any time without notice.

SAP assumes no responsibility for errors or omissions in this document. SAP does not warrant the ac curacy or c ompleteness of the information, text, graphics, links, or ot her items contained within this material. This document is provided without a warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, or non-infringement.SAP shall have no liability for damages of any kind including without limitation direct, special, indirect, or consequential damages that may result from the use of t hese materials. This limitation shall not apply in cases of intent or gross negligence.

The statutory liability for personal injury and defective products is not affected. SAP has no control over the information that you may access through the use of h ot links contained in these materials and does not endorse your use of third-party Web pages nor provide any warranty whatsoever relating to third-party Web pages.