SAS Enterprise Governance, Risk and Compliance (GRC) solution introduced to South African market

Issued by Anti-Clockwise for SAS Institute
Johannesburg, 13 Aug 2010

SAS, the leader in business analytics, has announced the official launch of its Enterprise Governance Risk and Compliance (Enterprise GRC) solution to the South African market.

The SAS Enterprise Governance, Risk and Compliance solution offers an integrated platform for comprehensive and continuous monitoring on risk and compliance exposures.

Organisations can track risks based on trends in various operational systems. They can quickly identify and manage significant emerging exposures, and continuously update policies with regulatory changes to produce an audited, consolidated risk profile, especially for non-financial risks.

At the official South African launch, Susan Kahler, SAS Enterprise GRC Product Manager (United States), provided customers with an overview of how the Enterprise GRC solution can be used to solve the business problems commonly experienced by risk managers, compliance officers, internal auditors, and strategy officers. “Customers tend to experience problems which emanate from the lack of common business processes, lack of a common risk and control repository, manual data collection and analysis procedures, and inability to collaborate with their colleagues in other disciplines,” said Kahler.

Kahler showed that SAS is a global leader in Enterprise GRC, and the company currently holds the leadership position for GRC and operational risk management systems (1) as per the independent research company Chartis, as well as having been selected as the frontrunner for governance, operational risk and compliance by Celent (2).

“Although operational risk management has been the focus in many businesses, especially in the banking sector, the need for measuring, monitoring, controlling and reporting on non-financial risks, beyond operational risks, is becoming more important throughout all industries,” said Colin Hill, Senior Principal Consultant Risk Management at SAS Institute SA. “What customers are experiencing as a result of different departments managing risk are disparate systems, processes and policies, which lead to an inconsistent reporting of risk exposures.”

Kahler cited examples of how customers from different industries and geographies currently use the SAS Enterprise GRC solution to manage their non-financial risks: a European utilities company to manage its reputational risk, a US insurance company to manage its IT security risk, and an Italian consortium of small and medium banks to manage their vendor risks.

In order to assist businesses with their quandary of disparate and redundant systems, the SAS Enterprise GRC solution can integrate numerous governance, risk and compliance streams. “By adopting the Enterprise GRC solution, a business can gain insight into their organisational risk management quality. By bringing together multiple risk and control libraries, customers can start managing risk from a common repository. In addition, this paves the way for risk remediation, offering a common method to record and report on issues, as well as the ability to reduce redundancy, improve efficiency and bolster productivity,” stated Hill. “The Enterprise GRC solution provides a mechanism to integrate risk, compliance and internal audit silos.”

The SAS Enterprise GRC solution provides the ability for continuous auditing of controls through the automation of control testing against operational data. “The pressure is on the internal auditors to provide an assessment of the entire problem space as sampling is no longer viewed as being sufficient,” said Kahler. “With the SAS Enterprise GRC solution, the internal auditors can shift their focus from the manual identification of control failures to the handling and remediation of those exceptions. This has resonated very strongly with internal audit teams.”

The SAS Enterprise GRC solution also provides the capability for organisations to define meaningful relationships amongst the business entities such as risks, controls, business objectives, regulations, policies, etc to support their methodologies. For example, compliance officers can associate laws and regulations with policies, which may be associated to risks or controls. The solution provides for the visualisation and reporting of these relationships, thus allowing the business users to easily see related entities and to interactively explore those relationships.

“What differentiates the SAS Enterprise GRC solution in the marketplace is its ability to link and visualise the relationships among the entities; its continuous auditing capabilities; and its ability to provide GRC capabilities, business intelligence capabilities, and data integration capabilities, all from a single vendor,” concluded Kahler.

While the announcement of the immediate availability of the solution was made this week, SAS South Africa has already made its first sale of the Enterprise GRC solution.

(1) Read or download the full Chartis Report here http://www.sas.com/news/analysts/chartisgrc_complandscape2010.pdf
(2) Read or download the full Celent Report http://www.sas.com/news/analysts/celent-op-risk-mgmt-104392-0909.pdf

Chartis Research

Chartis is the leading provider of research and analysis on the global market for risk technology. Its goal is to support enterprises as they drive business performance through better risk management, corporate governance and compliance. It helps clients make informed technology and business decisions by providing in-depth analysis and actionable advice on virtually all aspects of risk technology - (www.chartis-research.com).

Celent

Celent is a research and advisory firm dedicated to helping financial institutions formulate comprehensive business and technology strategies. Celent publishes reports identifying trends and best practices in financial services technology and conducts consulting engagements for financial institutions looking to use technology to enhance existing business processes or launch new business strategies. With a team of internationally experienced analysts, Celent is uniquely positioned to offer strategic advice and market insights on a global basis. Celent is a member of the Oliver Wyman Group, which is part of Marsh & McLennan Companies [NYSE: MMC].

SAS

SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions delivered within an integrated framework, SAS helps customers at more than 45 000 sites improve performance and deliver value by making better decisions faster. Since 1976, SAS has been giving customers around the world 'The Power to Know'. www.sas.com and www.sas.com/sa

SAS and all other SAS Institute product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. (R) indicates USA registration. Other brand and product names are trademarks of their respective companies. Copyright (c) 2010 SAS Institute Inc. All rights reserved.

Editorial contacts