-
Featured services
Think beyond the robots
The successful integration of AI and IoT in manufacturing will depend on effective change management, upskilling and rethinking business models.
Read the blog -
Services
Leverage our capabilities to accelerate your business transformation.
-
Services
Network Services
-
Services
Cloud
-
Services
Consulting
-
-
Services
Data and Artificial Intelligence
- AI and Intelligent Solutions
- Data/AI Strategy and Program
- Data Engineering and Platforms
- Data Governance and Management
- Data Visualization and Business Decision
- GenAI Consulting
- GenAI Platforms
- GenAI Industry Services
- GenAI Infrastructure Services
- GenAI Value Transformation
- View Data and Artificial Intelligence
-
Services
Technology Solutions
-
Services
Global Data Centers
-
Services
CX and Digital Products
-
Services
Application Services
-
Services
Sustainability Services
-
Services
Digital Workplace
-
Services
Business Process Services
-
Services
Generative AI
-
Services
Cybersecurity
-
Services
Enterprise Application Platforms
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
-
-
Insights
Recent Insights
-
The Future of Networking in 2025 and Beyond
-
Using the cloud to cut costs needs the right approach
When organizations focus on transformation, a move to the cloud can deliver cost savings – but they often need expert advice to help them along their journey
-
Make zero trust security work for your organization
Make zero trust security work for your organization across hybrid work environments.
-
-
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
-
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
Discover how we accelerate your business transformation
-
About us
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
-
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
Everest Group PEAK Matrix® Assessment
NTT DATA is a Leader and Star Performer in the Everest Group Sustainability Enablement Technology Services PEAK Matrix® Assessment 2024.
Get the Everest report -
- Careers
Topics in this article
When it comes to SAP governance, risk management and compliance (GRC), things don’t always go so smoothly. With the right tools, team and approach, you can automate audit readiness, save money and improve productivity. Here are five common SAP GRC problems, along with ways to solve them.
1. Your SAP GRC software doesn’t live up to your expectations
With some SAP GRC software solutions, many companies never achieve a base level of functionality. The first step in addressing this problem is resetting expectations. SAP GRC software is supposed to be enterprise-grade. It shouldn’t have gaps or glitches that require endless tinkering or elaborate workarounds — it should solve your problems.
Sit down with your compliance team or bring in a GRC consulting partner. Think about questions like: How is our current SAP GRC solution falling short? What effect is it having on audit results? What extra work is it creating internally? And what would it take for an SAP GRC solution to meet all our needs?
2. You’re struggling with consistently poor SAP audit findings
All too often, a poor audit – or several of them – is what forces a company to face how broken its GRC processes and software are. Organizations find themselves in a cycle of poor audits and unsuccessful remediation, wasting money and resources while maintaining an unacceptable level of legal risk.
That was the situation a leading manufacturing company and supplier of premium building materials found itself in when it first approached NTT’s Managed Services division. The company had already invested in trying to address negative auditor findings, but remediation efforts had failed — and efforts at manual remediation made the situation worse.
It turned out to be much easier to implement something new. With ControlPanelGRC – implemented in just one week – the company completed its entire remediation project in under four months. Benefits included:
- 80% lower security consulting costs
- 75% reduction in annual SAP security administration costs
- 50% lower external audit costs
3. Your SAP GRC software produces unusable output
SAP GRC solutions should produce output that supports the needs of a range of stakeholders. Business users must have clear, navigable tools that allow them to self-assess; technical users need to be able to get into the nuts and bolts; and auditors need comprehensive reporting that enables both a high-level view and detailed analysis.
To fix this problem, you need to prioritize usability in your SAP GRC software. You should have a range of stakeholders involved in the purchase decision so that you can verify your solution will work for everyone before you commit. Make sure your vendor can answer all stakeholders’ questions, and demonstrate excellent ease of use and visibility.
4. You lack SAP GRC automation
When you need to send a message to a coworker, do you run and post a sticky note on their door? When you’re holding a meeting, do you have everyone send you a letter to confirm they’re coming? Of course not. With SAP GRC, many companies are still doing things the ‘old’ and manual way. They print out emails and records to report to auditors. They pore through thousands of pages of report data by hand, instead of having the computer automatically screen it for GRC issues.
This isn’t only hugely wasteful and inefficient – it’s also risky when you factor in human error.
Pervasive compliance automation is a must. Your GRC automation tool should monitor your system in real-time and flag potential conflicts for review, as soon as they’re detected. It should run reports, route them for review and document approvals, so you don’t have to chase signatures down. That way, when it’s time for your SAP audit, you won’t have to scramble to collect documents — everything will be ready for your auditor to review.
5. You lack sufficient GRC vendor support
If your SAP GRC program is broken and always has been, it’s hard to know in advance what it will take to fix it. Experts can help. You need a vendor who’s focused on your success and can provide you as much (or as little) support as you need.
Look for a vendor who provides comprehensive managed SAP compliance and security services, in addition to GRC software. At NTT’s Managed Services division, we’re committed to providing a solution tailored to your needs. Whether you want a completely managed GRC solution, or just someone to set up the software and provide occasional technical assistance, we’re here for you.
Want to learn if ControlPanelGRC is right for your business? Talk to one of our representatives today.
Scott Goolik is the vice president of SAP security and compliance at the Managed Services division of NTT Ltd., Americas.