SAP Users interested in GRC gathered at Suntec Conference Room 336 on Sep 7 to attend the mini-seminar ‘GRC Made Easy’. The seminar was organized by IncQ Consulting, XS Control and MARC Solutions. Mr. David Yueng opened the event and introduced the speakers. First in row to speak was Mr. Larry Justice who addressed the effects of new ‘hot topics’ in the SAP world such as HANA, Cloud, Mobile and Cyber thread. The GRC response to these new topics is definitely no rocket science! Next Mr. Marcel Huijskens spoke about the changes in the SAP application landscape and how to respond to these changes from a GRC point of view. GRC fundamentals need to be in place regardless of any software supporting your GRC initiatives. Finally Mr. Jay Chandra provided web demos of ‘SoD analysis in the cloud’ and ‘Privileged Access Management’ using MARC software. MARC’s strong reporting features definitely drew attention and interest among the attendees. Mr. David Yueng closed the seminar with a lively panel discussion, followed by further discussion among participants while enjoying a drink and a bite.
Our next GRC Made Easy event will be organized in Bangkok – Thailand. The date and location will be shared with you timely. Looking forward meeting you in Bangkok!
XSControl and IncQ Consulting will be jointly hosting a booth at the SAP Insider event in Singapore Marina Bay Sands Expo & Convention Centre. Also we will have two very interesting speaker slots:
Preparing your role strategy for the implementation of SAP Access Control – by Larry Justice, Director SAP GRC and Security at IncQ Consulting
The 10 most valuable features of SAP Access Control: What they are and how to use them – by Marcel Huijskens, Managing Director XS Control
We look forward to seeing you at the SAP Insider event.
Link to event information:
The SAP GRC Joint Venture workshop at the venue of SAP Thailand was a great success.
Thank you all for attending.
Click here to download the event photos in pdf-file.
Event details from this workshop are archived here:
If you missed the workshop and are interested to learn more on SAP GRC and especially Risk Management please contact us at the following email address: firstname.lastname@example.org or email@example.com , to be reached on +66 800 674 673.
We look forward helping your business get from Risk Awareness to Full Control!
Over the last few years there have been indications of rising interest in SAP systems by white hatters and black hatters, and I guess any colour in between. In any case the world has got more dangerous for systems in general, not least because they are increasingly interconnected and exposed in ways that were unthinkable (for most) in the past. Although traditional security solutions remain vital for minimizing the attacks on your system landscape, you can and should assume that there will be unhealthy activity within your defensive perimeters. Determined attackers are likely to get through eventually and the best technical precautions might be nullified by internal personnel or by social engineering tricks.
These are well known dangers, and there appears to be a serious gap in the coverage of SAP systems by existing security products. These lack insight into SAP business software and also run up against what is essentially a big-data problem – that is, how to analyse the security-relevant data that exists in the landscape. Later this year, SAP plans to go into ramp-up with a new product designed to address exactly this issue.