One of the arguments routinely made to justify upgrading an ERP application is that it allows an organization to introduce more controls to meet various governance and compliance issues.
But while a survey of 88 organizations that either upgraded or deployed new SAP application software conducted by PwC bears that out, the survey also finds that a software upgrade doesn’t do all that much in terms of automating the management of those controls. In fact, 58 percent of SAP users reported that their company had not seen a savings in its controls and compliance effort as a result of deploying new SAP software or an upgrade to an existing system. As such, Sean Donahue, a partner in PwC’s Risk Assurance practice, says it’s apparent that there is still a need for customers to add governance, risk management and compliance (GRC) systems that automate the management of those controls, especially before rolling out a new application.
In an era where regulation is increasing, the automation of these controls has become a significant IT issue. Most organizations can’t afford to keep throwing people at the management problem, and yet the cost of not being in compliance with one regulation or another continues to get more prohibitive with each passing day.
Because of those regulations, interest in GRC issues has never been higher, especially among companies conducting business across multiple countries and regions that have different regulatory requirements. The challenge, of course, is getting the business and IT to agree on what those controls are before they can be automated.
Unfortunately, a lot of organizations seem to be under the impression that an application upgrade alone will solve all their problems. There’s no doubt that they’ll be in a better position relative to compliance. But being compliant is one thing; being compliant in a way your organization can afford is quite another.