SAP GRC Reviews & Product Details


What is SAP GRC?

Reduce the cost and effort needed to proactively prevent risk events and compliance violations

Write a Review

SAP GRC Profile Details

SAP GRC Profile Details

Vendor
SAP
Description
Our business analytics solutions close the gap between transactions, data preparation, analysis, and action, so you can make more informed decisions.
Company Website
Year Founded
1972
Total Revenue (USD mm)
23,461
HQ Location
Walldorf, Germany
Phone
+1 (800) 872-1727
Ownership
NYSE: SAP SE
LinkedIn® Page
www.linkedin.com
Employees on LinkedIn®
126,920
Twitter
@SAP
Twitter Followers
259,457
Show moreShow fewer

Companies Using SAP GRC

Citrix Systems
Siemens
EMC
eBay
Dell
Unilever
Medtronic
Lenovo
Aviva
Kellogg
Adidas
Mohawk Industries

SAP GRC Reviews

Filter Reviews
Filter Reviews
Sort by
Ratings
Company Size
User Role
All Industries
Write a Review
1-36 of 36 total SAP GRC reviews

SAP GRC Reviews

Write a Review
Filter By
Connections
Show reviews that mention
1-36 of 36 total SAP GRC reviews
Copy Review URL
Consultor SAP Basis Netweaver
Mid-Market
(501-1000 employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL

"SAP GRC works great for autorizathions and control of users and permissions"

What do you like best?

This software is great to have a centralized operation of all users and authorizations in SAP systems, you can have many kind of SAP system, managed by SAP GRC and control what users do and how.

What do you dislike?

Sometimes sap grc can become a bit slow if the implementation wasn't good enough, if you don't have last level of support packages, you can find some bugs that make slow the administration.

Recommendations to others considering the product:

This will help your company to manage all users system and authorizations centralized and it will do your administration job easier and faster, will have the oportunity to change the sap roles and add new features faster than doing it on each system at all.

What problems are you solving with the product? What benefits have you realized?

This is great for manage a large ammount of SAP systems that i'm working with, it give me perfect access control and administration of users, also i can change new roles or modify it, all in one grc system, don't need to log in at any other system. You can do it faster, with automatic sync using sap jobs, this will make your systems homogenus and you can have sure that all users monitorized.

Copy Review URL
Product Compliance Coordinator
Translation and Localization
Validated Reviewer
Review Source
Copy Review URL

"Secure & Reliable"

What do you like best?

Simple and reliable controls to safely maintain GRC regulations. Instrumental in security measures, as well. Once we overcame the learning curve, we have found the the software is easy to use for all members of our team.

What do you dislike?

There was a learning curve at the beginning when trying to implement the system, but this was quickly overcome with use of the program. Other than that, we have not dealt with any issues with the software.

Recommendations to others considering the product:

It was a big jump for us to move to SAP GRC, but we have not regretted it. It was eased our work flow process immensely.

What problems are you solving with the product? What benefits have you realized?

We have solved issues with keeping up to date with new GRC controls. The software quickly notifies us if there have been any changes to specific controls that we normally would not have a good grasp on.

Copy Review URL
Mid-Market
(501-1000 employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL

"SAP GRC 10.1"

What do you like best?

SAP GRC 10.1 really streamlines the user provisioning process by having all the security roles pre-approved by the management team. SAP has addressed some of the glitchy workflow issues that were present with the 10.0 version, so the approval / denial process works much better. The interface is also easier to navigate.

What do you dislike?

SAP GRC 10.1 is still a little weak on the reporting features that managers need to address Segeration of Duty (SOD's). The reports that are provided are difficult to interpret and often times managers and / or directors will ignore the reports or require someone to explain them; SAP should not only identify why the SOD exists but outlines some possible steps to resolve the SOD.

Recommendations to others considering the product:

Don't hesitate, SAP GRC 10.1 us a great product with tons of functionality.

What problems are you solving with the product? What benefits have you realized?

SAP GRC 10.1 helps streamline the hiring or termination process, it is very important that the person hired starts working as soon as possible and on the flip side, a terminated employee needs to have system access removed immediately. We have been able to reduce our staff in the security department.

Copy Review URL
G
Enterprise
(1001-5000 employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL

"Not user friendly at all, but gets the job done for large corporations"

What do you like best?

Easy to manage costs across multiple departments in a large corporation.

The reports to pull POs and GRs are exceptionally helpful when tracking costs.

What do you dislike?

How not user-friendly the system and interface is.

It is NOT intuitive and is very hard to get employees into the habit of using if not in accounting/finance/tech

Recommendations to others considering the product:

God speed. It is not the easiest platform out there.

What problems are you solving with the product? What benefits have you realized?

Benefits are being able to track costs across all departments and divisions. Numerous reports, and ways to track POs and spending. Biz problem we are solving is keeping track of our books in a large, multi-national corporation

Copy Review URL
Software Developer
Information Technology and Services
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"Without Turnkey I do not think we would have been able to implement GRC 10.0 in the way that we have"

What do you like best?

Streamline the process of managing and validating user access to applications and data. With access governance solutions from SAP, you can automate provisioning and certify access, embed preventative policy checks, monitor and automate reviews of emergency access activity – and enable business owners to manage system access with minimal IT support.

What do you dislike?

Because it does not support scoping and prioritization of the audit universe, audit management is not scalable for a large internal audit organization. Some of the audit functionality requires the licensing and integration of the SAP BI Explorer.

improvements were needed in reporting, audit management and the CCM feature within Process Control

Recommendations to others considering the product:

SAP GRC shares the leaders quadrant along with vendors BWise, IBM Open Pages, Thomson Reuters, Oracle and MetricStream. According to Gartner, SAP deserves that ranking based on a number of strategic and functional strengths:

Market understanding and strategy. SAP’s knowledge and understanding of the GRC market has increased, which is reflected in the way it is better able to meet basic compliance and risk assessment requirements, as well as the more advanced challenges such as calculating the effects of risk management on business performance and decision making.

Product strategy. SAP has integrated continuous controls monitoring (CCM) to enable a wider set of GRC capabilities.

Vertical/industry strategy. SAP now offers a version of GRC for Environment, Health and Safety (EH&S) and also works with a number of other vendors that provide industry-specific GRC applications.

What problems are you solving with the product? What benefits have you realized?

lthough initially viewed as a technical upgrade, moving to GRC 10.0 allowed JTI and Turnkey to revisit the business requirements and identify opportunities to improve the system, whilst providing additional functionalities.

Project delivered on time and within budget

Internal expertise and self-sufficiency gained through working with Turnkey consultants

A time efficient and up to date new GRC system with custom automation

Improved user experience and internal compliance

Copy Review URL
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"Usability"

What do you like best?

We use GRC for our authorization management and all the user creation role updates etc. This tool is very user friendly and give up reports where we can monitor if any issue with the role assignment

What do you dislike?

As we are using it for past 5 years some time it's very slow and users do not like the screen layout for the reports

What problems are you solving with the product? What benefits have you realized?

We are using for creation of user profile, managing user role assignments

Copy Review URL
CI
Mid-Market
(51-200 employees)
Validated Reviewer
Review Source
Copy Review URL
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"SAP GRC the secure product"

What do you like best?

integration with different component and manage security roles under one system

What do you dislike?

change in particular role is bit hectic work as it need deep analysis before making any changes

Recommendations to others considering the product:

SAP's great Product for security Governance, Risk, Compliance which can use in business the unknows risks, analyse the solutions, process can manage the fraud in business process and the most important part is to maintain audit management with very much effectiveness.

What problems are you solving with the product? What benefits have you realized?

The SAP GRC Product access control list with which enablement can highly benificial for the business to predict and eliminate the unknown or future risks

Copy Review URL
Small-Business
(Myself Only)
Validated Reviewer
Review Source
Copy Review URL

"SAP GRC "

What do you like best?

Secure all user authorization access for avoiding user to access most sensible transaction when completing their daily task.

What do you dislike?

At this time I don't have any feedback to provide.

What problems are you solving with the product? What benefits have you realized?

Authorizations are sometime not correctly define for some department. For the technical aspect it took away SAP All from Consultant to overlook the source of the problem from other streams.

Copy Review URL
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC 10.1 Security Administration"

What do you like best?

This is a new installation for us. GRC is comprehensive approach to SOD reporting.

What do you dislike?

GRC is not a user friendly tool by any means.

Recommendations to others considering the product:

Learn as much about the product.

What problems are you solving with the product? What benefits have you realized?

We have been able to identify role level SODs, perform what-if scenarios and user provision. We are currently in the process of implementing Process Controlls

Copy Review URL
Account Executive
Computer Software
Enterprise
(10,001+ employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL

"SAP GRC"

What do you like best?

This software really helps streamline the auditing process for my customers. The best part is the workflows are integrated.

What do you dislike?

The interface could be more modernized, but overall this is a great product

Recommendations to others considering the product:

I would highly recommend

What problems are you solving with the product? What benefits have you realized?

governance, auditing, risk, compliance

Copy Review URL
UH
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC is okay"

What do you like best?

I like that reviewing, approving is in single screen

What do you dislike?

the system is slow. Clicking into each GRC request is very slow and takes many clicks to get to the point where you can approve or deny

Recommendations to others considering the product:

have a good consulting company implementing with vision of long term support. KPMG implemented the product and then left us without the ability to answer our own questions. Also, make sure the process for submitting, approving/rejecting is clearly defined with clear guidelines and training.

What problems are you solving with the product? What benefits have you realized?

we solve approving security requests

Copy Review URL
A
Enterprise
(10,001+ employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL

"SAP GRC"

What do you like best?

GRC identifies the risks across all roles/authorization which reduces the segregation of duties

What do you dislike?

the jobs are running long and even SAP couldn't resolve the issues in spite of several OSS message raised.

Recommendations to others considering the product:

The long running jobs needs to fine tuned

What problems are you solving with the product? What benefits have you realized?

Risk analysis

Copy Review URL
HANA/BigData Program Manager
Information Technology and Services
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC_for SAP platforms for Security Models "

What do you like best?

integrate well with all SAP Platform and address the user provisioning

What do you dislike?

integration with non SAP Systems and the fact that is very SAP oriented

Recommendations to others considering the product:

if you embraced SAP is good to take it

What problems are you solving with the product? What benefits have you realized?

User Maintenace and access to Company assets

Copy Review URL
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"Excellent security product"

What do you like best?

SAP GRC is by far the most excellent security product for Governance, Risk and Compliance.

What do you dislike?

Integration with non-SAP products, mobile app needs to be improved

Recommendations to others considering the product:

Integration with non-SAP products to completely eliminate the integration trouble

What problems are you solving with the product? What benefits have you realized?

Risks and role management is very critical to business

Copy Review URL
SAP Senior Basis Analyst
Food Production
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"Great system to manage Compliance and policy management"

What do you like best?

The flexibility. that the system provides. We currently use Access Governance.

What do you dislike?

It currently does not have the new FIori Design. It still uses NWBC.

Recommendations to others considering the product:

Find the right people to do the implementation. Not everyone has the experience.

What problems are you solving with the product? What benefits have you realized?

Firefighter and SOD.

Copy Review URL
Enterprise IT and OT Applications Executive
Utilities
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC Review"

What do you like best?

If set up correctly, this is a lot of power to minimize and control access

What do you dislike?

Hard to use, you need deep skills to set up and many time it is not set up to be flexible

What problems are you solving with the product? What benefits have you realized?

Access for both Corp and nuclear ECC inc.

Copy Review URL
Enterprise
(5001-10,000 employees)
Validated Reviewer
Review Source
Copy Review URL

"Helpful product to understand user risk in SAP"

What do you like best?

Glad that we have an automated fashion to create users, review SODs and determine how to mitigate risks.

What do you dislike?

would like the ability to do cross systems SODs.

What problems are you solving with the product? What benefits have you realized?

creating users and checking for SOD reviews

Copy Review URL
C
Enterprise
(10,001+ employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL

"SAP GRC - Mostly a blessing after alot of hardwork"

What do you like best?

Easy to use and helps identify SOD conflicts and access risk management.

What do you dislike?

The trouble of implementation and clearing of number of complex SOD conflicts

What problems are you solving with the product? What benefits have you realized?

Removing the risk of fraud or wrongly assigned access. Have identified and removed any wrongly assigned access or conflicts.

Copy Review URL
CB
Enterprise
(5001-10,000 employees)
Validated Reviewer
Verified Current User
Review Source
Copy Review URL
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"SAP GRC V10"

What do you like best?

GRC tool has the all required modules like SOD, CUP workflows.

Most of workflows are pre-delivered so its super easy.

What do you dislike?

Tools still has many bugs in sync jobs and we need to apply SNOTES to fix the issue.. sometime it creates another issue in system.

Also FF log collection program has the bugs.

Recommendations to others considering the product:

Number of users should be on higher side

What problems are you solving with the product? What benefits have you realized?

Audit and SOD problems.

Super user access

Copy Review URL
A
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC 10.1"

What do you like best?

Moving away from the Java Stack in GRC 5.3. Moving away from the Java Stack in GRC 5.3. . Moving away from the Java Stack in GRC 5.3. . Moving away from the Java Stack in GRC 5.3. . Moving away from the Java Stack in GRC 5.3.

What do you dislike?

Does not integrate with MDM.Does not integrate with MDM.Does not integrate with MDM.Does not integrate with MDM.

What problems are you solving with the product? What benefits have you realized?

User Provisioning, SOD, FFID

Copy Review URL
AI
Validated Reviewer
Review Source
Copy Review URL

"Installation, admin and testing of SAP GRC"

What do you like best?

Great compliance product

Segregation of Duties SOD resolution

Audit protocol, safe operating procedures, incident reporting

What do you dislike?

Some of the user interface is not very intuitive. Also needs some improvement in features - uploading videos, rewards incentive program, custom course builder

Recommendations to others considering the product:

A very important product within SAP suite of products providing compliance to support SOX

What problems are you solving with the product? What benefits have you realized?

SOX compliance

SOD Compliance

Copy Review URL
IA
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"SAP GRC- Security and Authorizations "

What do you like best?

The best thing I like about GRC is the request process for authorization requests.

What do you dislike?

I dislike how the roles and authorizations are so bountiful, can be confusing.

What problems are you solving with the product? What benefits have you realized?

We are using GRC to maintain authorizations and roles for all users, and use it to audit our processes and changes

Copy Review URL
A
Mid-Market
(201-500 employees)
Validated Reviewer
Review Source
Copy Review URL

"Its a good tool but can do much better"

What do you like best?

EAM is very easy to use and we can easily track the user activity, also role provisioning is also good.

What do you dislike?

SOD checks always fail and the system can do much more in terms role cleansing with all the data it collects

What problems are you solving with the product? What benefits have you realized?

EAM and SOD violations. to some extent yes.

Copy Review URL
I
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC "

What do you like best?

Access controls , Great with Audit and Automation and Risk identifications and Risk mitigation .Stayclean

What do you dislike?

Cross system risk functionality/Manual entry for SOD Sim

Recommendations to others considering the product:

Its great tool for Automation and SOD Risks and Audit trails

What problems are you solving with the product? What benefits have you realized?

Cross System SOD with Cloud

Copy Review URL
A
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"GRC "

What do you like best?

I love the multiple tools available within the GRC suite, both Access Control and Process Control

What do you dislike?

The numerous issues that must be resolved by note application.

Recommendations to others considering the product:

Do't be afraid to implement GRC. It is easy!

What problems are you solving with the product? What benefits have you realized?

SOX audit compliance.

Copy Review URL
UB
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"Not user friendly, but necessary"

What do you like best?

Seamless integrates so many pieces and parts of an enterprise

What do you dislike?

The least user friendly piece of technology I've ever used. The interface is awful.

What problems are you solving with the product? What benefits have you realized?

Finance/Accounting, Supply Chain, PDP Pages, Inventory, Master Planning/Scheduling

Copy Review URL
C
Validated Reviewer
Review Source
Copy Review URL

"GRC is a well established tool."

What do you like best?

The automation of user povisioningnand the SOD analysis

What do you dislike?

The SOD ruleset needs to be updated as per the newer technologies and changes in the application. The Integrationn with newer applications is missing.

What problems are you solving with the product? What benefits have you realized?

Risk Remediation, Firefighter activities

Copy Review URL
C
Enterprise
(10,001+ employees)
Validated Reviewer
Review Source
Copy Review URL

"Audit"

What do you like best?

Centralized Audit tractability is the best i liked it most in comparison to Clear Quest

What do you dislike?

complex process to raise GRC ticket witch should be more user friendly

What problems are you solving with the product? What benefits have you realized?

Security business problems are you solving with SAP GRC

Copy Review URL
C
Validated Reviewer
Review Source
Copy Review URL

"SAP GRC for the new age"

What do you like best?

The delegation of power and the controls and authorisations

What do you dislike?

Can be more userfriendly. You can cut out the jargons

Recommendations to others considering the product:

Good product to be IFRS compliant

What problems are you solving with the product? What benefits have you realized?

To be IFRS compliant

Copy Review URL
CM
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"Great for larger organizations"

What do you like best?

Easily organize your compliance data in a one stop place

What do you dislike?

The software has limited configurable options, and is best used off the shelf.

What problems are you solving with the product? What benefits have you realized?

Managing compliance data including controls, regulations, companies, etc. Its very simple to put it all in one manageable place.

Copy Review URL
A
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"SAP IT Architect "

What do you like best?

Engineering, architectiing and supporting

What do you dislike?

going back and forth with GRC support for issues related to post patching

What problems are you solving with the product? What benefits have you realized?

Reporting challenges and technical issues

Copy Review URL
AO
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"one stop shop for compliance"

What do you like best?

robust nature to automate provisioning and compliance needs

What do you dislike?

limitations on nwbc to work with mass data selection

What problems are you solving with the product? What benefits have you realized?

SOD, EAM, compliant provisioning

Copy Review URL
Solution Architect
Food & Beverages
Enterprise
(5001-10,000 employees)
Validated Reviewer
Review Source
Copy Review URL

"Good tool for Global Rights Management if you have an all SAP Landscape"

What do you like best?

This tool is great for handling user security and rights, access provisioning, along with things like firecall IDs, etc.

What do you dislike?

Just like with a lot of other SAP systems, it really only works best if you have a full SAP Landscape

Recommendations to others considering the product:

If you're an SAP Shop, definitely take a look into it. If your landscape is made up of a wider variety of systems, you might want to consider some other options.

Copy Review URL
C
Validated Reviewer
Review Source
Copy Review URL

"Grc"

What do you like best?

Ease of use, Segreggation of duties and role provisioning.

What do you dislike?

Setup time and configuration. Useablility fact

What problems are you solving with the product? What benefits have you realized?

Sod

Copy Review URL
A
Enterprise
(1001-5000 employees)
Validated Reviewer
Review Source
Copy Review URL

"SAP GRC"

What do you like best?

Access and Process Control and Process Control

What do you dislike?

The user interface and sometimes the performance

What problems are you solving with the product? What benefits have you realized?

Mitigating risk

Copy Review URL
UC
Enterprise
(5001-10,000 employees)
Validated Reviewer
Review Source
Copy Review URL

"Steep learning curve"

What do you like best?

Full suite of integrated features all.in one.package.

What do you dislike?

Stability and steep learning curve, not intuitive

What problems are you solving with the product? What benefits have you realized?

Inventory management and material master.

SAP GRC User Ratings

7.1
Ease of Use
Average: 7.8*
7.3
Quality of Support
Average: 8.6*
6.8
Ease of Setup
Average: 7.8*
* GRC Platforms Category
Do you work for SAP GRC?

SAP GRC Categories on G2