GRC Tuesdays: How Can You Get a Single View of All Suspicious Activities across the Different Systems in Your Organization?
Different Departments, Different Priorities
As we all know, different departments within an organization focus on different areas or business processes, and if you ask them about their top challenges, you’ll get a wide variety of answers, even when all these items ultimately support the same set of corporate goals.
It’s then not surprising that the different business process owners or department heads need to track and analyze different types of transactions to ensure their side of the business is running well. This is definitely the case when it comes to suspicious and anomalous transactions that might indicate potential fraud and/or process inefficiencies that call for immediate attention.
For example, the Compliance team might be concerned with any SOX-related exceptions they encounter in their control framework, but the Purchasing team might be focusing on making sure all vendors and business partners get screened properly before they get into the system and engage in any transactions. Both scenarios are driven by good corporate policies and goals, but they need to be properly consolidated to ensure they get the right visibility by management.
Different Systems Handling Different Types of Transactions
Not only do these different teams focus on different priorities, but they also very likely run their businesses on heterogeneous systems from different vendors, which might or might not talk to each other, creating potential data silos which limit the enterprise-wide view that corporate managers need to make the right decisions about the different areas of their organizations.
For example, T&E information might reside in SAP Concur, accounting journal entries might be in a non-SAP GL, and HR information be stored in some third-party cloud solution.
So, in addition to the challenge of different priorities by different departments, we also have the issue of different systems where the transactions and data reside. Given this very common reality, what can be done to ensure management has access to a consolidated view of what’s happening in their organizations?
The Benefits of a SAP HANA-Based Solution like SAP Business Integrity Screening
SAP Business Integrity Screening, originally created to be a fraud detection application, runs on SAP HANA and allows the consolidation of data and transactions from different source systems, SAP and non-SAP. In addition to analyzing all this data and transactions for potential exceptions (fraud, errors, unusual trends)it can also provide a consolidated enterprise view to management of these exceptions, the $ exposure associated with them, KPIs on the efficiency of your detection efforts, and so on…regardless of the source system.
Besides running on SAP HANA, an additional benefit from SAP Business Integrity Screening is its automated integration with SAP Predictive Analytics, which can further help organizations detect potential exceptions by using predictive models.