Product Information
GRC Tuesdays: Announcing SAP’s plans for a next generation Governance, Risk, and Compliance Platform: SAP GRC edition for SAP HANA
Vishal Verma – Head of Solution Management, Risk, Compliance and Tax, and Jochen Thierer – Head of Development for Governance, Risk & Compliance at SAP announced today plans to roll out a next generation Governance, Risk, and Compliance platform, successor to its current SAP GRC solution in use by thousands of customers worldwide.
As highlighted in the Latest Trends in Governance, Risk, and Compliance Technology blog released a few weeks ago, in addition to global trends that impacted all processes and systems of the organization, there are also some underlying currents that are having a specific impact on GRC.
Such as the need for a more integrated approach to GRC, still being able to select best of breed when and where it makes sense, but also cross-system integration and the quest for autonomous and analytical GRC for instance.
To address this outlook, and to help companies future-proof their Governance, Risk, and Compliance processes and automation, SAP is announcing a new version of its GRC platform: SAP GRC edition for SAP HANA.
Building on over 20 years in market and thousands of satisfied customers across the globe and in all industries, and on its position as a leader in various reports such as Chartis RiskTech Quadrants or KuppingerCole Leadership Compass, and while SAP provides dedicated SaaS applications such as SAP Cloud Identity Access Governance and SAP Financial Compliance Management for instance, for customers preferring a private cloud or on-premise deployment it was time for SAP to reinvent GRC software to accompany customers for their challenges of the next decades.
Leveraging state of the art technologies and redesigned workflows and structure, this is precisely what SAP GRC edition for SAP HANA will offer.
From today until its release planned in Q1 2026, SAP will work with customers, partners and analysts to build SAP GRC edition for SAP HANA as a successor solution to its current SAP GRC version 12.0 platform that includes SAP Access Control, SAP Process Control and SAP Risk Management.
What can you expect?
* Improved user satisfaction thanks to consumer-grade user experience with SAP award winning SAP Fiori interface and fully redesigned business workflows for access governance, risk and control management
* Augmented decision making thanks to real-time insights and advanced visualization capabilities available at your fingertips turning casual users into GRC experts, and GRC experts into business advisors
* Future ready thanks to a fully redesigned technical and functional architecture making it easier to quickly adapt the platform to fulfil new regulatory requirements or business process adaptations
* Proactive risk management with integrated data-driven automation in every business process step providing a single contextualised perspective of the risks
* Effortless upgrade path from SAP GRC version 12.0 to SAP GRC edition for HANA so that you can start benefiting from all improvements, rapidly.
* The same dedication to GRC from SAP. As explained by Vishal Verma: “Our objective is to propose a long-term vision for GRC technology that customers can look forward to, and is fully inscribed within SAP’s strategy. We strongly believe that SAP GRC edition for SAP HANA will provide customers with the advanced technological platform they need to manage the business challenges they face in what will most likely continue to be an unprecedented time”. This dedication to the GRC topic was further reinforced by Jochen Thierer who resituated the new platform in the context of the long SAP GRC history “For over 2 decades now, SAP has supported customers on their GRC journey. With this new GRC built exclusively on SAP S/4HANA Foundation and SAP S/4HANA, we’re continuing this long-term partnership with them”.
* Within an open ecosystem of partners!
The new version has also been announced in SAP Note 3326989 – Announcement of the Upcoming Release of SAP Access Control, SAP Process Control and SAP Risk Management and is planned for the 1st quarter of 2026. Regular updates will be provided in the GRC Tuesdays blogs. To give customers sufficient time to plan their transition to the new release, SAP is also planning on extending the maintenance timeline for SAP GRC version 12.0 by one year, until the end of 2028.
[Update 17/05/2023] Breaking news – upcoming release of additional SAP solutions for GRC has also just been announced!
In addition to the new version of the SAP GRC platform that includes SAP Access Control, SAP Process Control and SAP Risk Management mentioned in this blog, SAP has also just announced a new SAP S/4HANA version of SAP Audit Management, SAP Business Integrity Screening (previously known as SAP Fraud Management) and SAP Tax Compliance. This update is also planned for Q1 2026.
This means a complete new suite of solutions for Three Lines (of Defense) planned for early 2026!
In addition to being built exclusively on SAP S/4HANA Foundation and SAP S/4HANA, this new release will deliver a technical landscape harmonization and an effortless upgrade path for existing customers.
More details on SAP Note 3334350 – Announcement of the Upcoming Release of SAP assurance and compliance software for SAP S/4HANA
Note
The content in this blog post is all subject to change and may be changed by SAP at any time for any reason without notice. The information in this blog post is not a commitment, promise or legal obligation to deliver any material, code or functionality. This blog post is for informational purposes and may not be incorporated into a contract.
Where can I find the GRC Tuesdays blogs? Are these the blogs tagged "GRC Tuesdays blogs"?
It is a tag for blog series, you can click the tag or follow this URL : https://blogs.sap.com/tag/grctuesdays/
Is it going to be on-prem or cloud ?
Hello Tiberius Busu,
Thank you for your question.
The plan is to have this offering available both for private cloud or on-premise deployment.
Kind regards,
Thomas
Hi Thomas,
So what does it mean for customers that are planning on moving their GRC 12.0 to the current available S/4HANA Foundation Edition for GRC?
Thanks.
Martin
Hello Martin,
Thank you for your comment.
I've taken note of your question and have reached out to the colleagues. The feedback is that customers on SAP GRC 12.0 for S/4HANA will be able to upgrade to the new version as well.
Kind regards,
Thomas
Thanks Thomas for confirming!
Thank you Thomas!
Customers planning to move now or prior to Q1 2026 from the regular on prem. / non-S/4 HANA version of SAP GRC SUite v12 to the S/4 HANA version will have to treat it as a migration. is that correct to assume? Will this change in 2026?
Best regards
Maxim
Hi Maxim Chuprunov,
Thank you for your question.
As you correctly mentioned, going from “classic” SAP GRC version 12.0 to the S/4HANA version requires a conversion as described in the conversion guide. Data migration might also need to be considered depending on the case, for instance, database in use.
The intent for the future version is to provide an upgrade path for both customers of “classic” versions and S/4HANA versions. Of course, this is still a work in progress and details are not defined yet at this stage.
I hope this answers your question.
Kind regards,
Thomas
Thank you Thomas! I understand that anything related to the future version is WIP. For the currently available GRC versions and based on the link you have provided, 2 use cases seem to be relevant:
Thank you & regards
Maxim
Hi Maxim,
Since this is not directly related to the blog concerning the new version and that I am not the subject expert on the matter, I'll take this question offline and will reach out to you directly.
Thank you for your understanding.
Kind regards,
Thomas
Would the new version of GRC for HANA incorporate the connectivity to Cloud systems or would it still require the IAG Integration edition to connect them?
Hello Alison Warren,
First of all, thank you for your comment.
At this stage, the intent is to deliver the same functional scope.
As a result, SAP Identity Access Governance, integration edition would still be required to extend SAP Access Control to Cloud solutions.
I trust this answers your question.
Thank you and kind regards,
Thomas
Hi..would this support third party non SAP IGA solutions to integrate. How does the solution leverages data from a third party non SAP IGA platform that may be running organization wise JML controls for all enterprise apps.
Many Thanks,
Arijit
Hi..does its supports integration with Non SAP third party solutions. how does the solution integrates with a non SAP Identity Governance solution that drives entire JML control for all enterprise apps across the organization
Hello Arijit Banerjee,
Thank you for your comments on this blog.
As mentioned in response to another question above, at this stage, the intent is to deliver the same functional scope - including for SAP Access Control.
The same extension options will therefore apply, including being able to leverage SAP Access Violation Management by Pathlock to extend the capabilities of the SAP Access Control across business applications and IT systems (SAP and third-party applications).
Kind regards
Thomas
Thomas,
Please fix this - change the second SAP S/4HANA below to SAP HANA:
"In addition to being built exclusively on SAP S/4HANA Foundation and SAP S/4HANA..."
Thanks.
Hello,
Thank you for your comment.
I've reached out to Product Management colleagues, and they have confirmed that the new versions of SAP GRC solutions will be add-ons to the S/4HANA product. Hence the statement that they are built exclusively on SAP S/4HANA Foundation and SAP S/4HANA is accurate.
Kind regards,
Thomas
Informative Article!
So, can we say that SAP GRC edition for SAP HANA will be leveraging the Machine learning and AI capabilities which IAG uses. Also, will this edition cater to On Premise and Private Cloud only, or it can be extended to SAP S/4 HANA Public cloud as well ?
Thanks,
Siddhesh Pai
Dear Siddhesh Pai,
First of all, thank you for your kind comment. I am glad to read that you found this post informative.
Concerning leveraging AI for SAP GRC solutions, there are Future Directions investigations for the individual solutions to include more advanced capabilities such as Machine Learning for instance. But, for the new version announced in this blog, the intent is to deliver the same functional scope at this stage.
In case you'd like to hear more about recent enhancements and roadmap plans for the individual SAP GRC solutions, I would recommend registering to the following webinars:
* Recent innovations in SAP Access Control: https://event.on24.com/wcc/r/4225747/CA6694DC5A4FCDA31B0C4861B9821635
* Recent deliverable and Roadmap for SAP Process Control and Risk Management: https://event.on24.com/wcc/r/4251311/E218CEC3ADD5AE4875D70E2888AAD105
Concerning your second question on the deployment model, this new version is planned on being available both OnPremise and in Private Cloud.
For Public Cloud, we will continue addressing this model with dedicated solutions, such as SAP Cloud Identity Access Governance or SAP Financial Compliance Management.
I trust this answers your questions.
Kind regards,
Thomas
Thanks a bunch for the detailed answer Thomas Frenehard !
Glad to know about these open events as well which SAP is organizing. Could you provide more information where we can get further notifications about these events, so that I can already keep a watch for the future events!
Thanks a lot in advance!
Regards,
Siddhesh Pai
Hi Siddhesh Pai,
Thank you for your reply and great question indeed!
You can subscribe to receive updates from the SAP Finance & Quote-to-Cash Community at the following location: https://www.sap.com/cmp/nl/finance-quote-to-cash-enablement-nl/index.html
This community brings customers and partners the latest news on product releases and upcoming enablement webcasts for Finance but also Governance Risk & Compliance (GRC), Billing Invoicing & Revenue Management (BRIM), and Configure Price Quote (CPQ) solutions.
I trust this helps!
Kind regards,
Thomas
Thanks Thomas Frenehard , this definitely helps! Looking forward to see more innovations in this space!
Cheers,
Siddhesh Pai