Forgot password?
|
|
|
|
Home
We were unable to sign you in.
Please verify your user name and password and try again. If you do not have a TEC account, register now.


"Managing Performance, Risk, and Compliance for Better Business Results"

If you receive errors when attempting to view this white paper, please install the latest version of Adobe Reader.
SAP

"The SAP BusinessObjects Risk Management application provides risk-adjusted management of enterprise performance that can empower you to optimize efficiency, increase effectiveness, and maximize visibility across risk initiatives."
Source: SAP

Resources Related to Managing Performance, Risk, and Compliance for Better Business Results:

Managing Performance, Risk, and Compliance for Better Business Results

Risk Management is also known as : Risk Management Practices, Governance Risk Compliance, GRC, Business Risks, Compliance Risks, Management of Risk, Enterprise Risk Management, Risk Management Software,
Risk Management Solutions, Key Risk Indicators, Kri, Risk Management System, Risk and Compliance Management, Risk-based Process Management, Comprehensive Risk Management Framework, Proactive Risk Identification, Governance Compliance Risk, Risk and Compliance Activities, Managing Business Risk, Risk Management Services, Risk and Compliance Practices, Financial Risk Manager, Risk Assessment Management, Effective Risk Management, Risk Management and Compliance Policies, Risk Initiatives, Compliance and Risk.

These days, companies everywhere are confronted with increasing globalization and volatile market conditions. It is a challenging and often risky business climate.

To optimize performance and ensure strategic success in this environment, companies must recognize all types of risk - strategic, financial, and operational. And further, their risk management and compliance activities should be an integral part of the business processes that drive day-to- day execution.

The reality is that business risks surface every day and at every level across all organizations. Yet it can also be said that risk and opportunity are two sides of the same coin - with every risk there also comes an opportunity to win. By answering the following questions, this SAP Executive Insight describes an approach to risk and compliance management that companies can use to maximize the opportunities, while also mitigating the risks:

  • How do I ensure alignment between my company's strategic objectives and my risk management and compliance policies?
  • How can I proactively mitigate all types of business risk and maintain a proper balance of risk and reward?
  • How can I gain a competitive advantage by ensuring continuous compliance with regulatory requirements and company policies?
 

EXECUTIVE AGENDA
AT A GLANCE

 

Building a Better Performance Management Model

To prosper and grow in today's competitive market, companies need a risk adjusted performance management model that helps ensure the success of critical business initiatives. Such an approach should:

  • Align strategy and execution. Develop risk management practices and compliance policies that effectively support strategic objectives. This alignment should permeate the organization from top to bottom.
  • Establish a risk management framework. An effective risk management framework provides companies with needed visibility across business units and enables proactive risk identification and mitigation.
  • Take compliance to the next level. Many organizations see compliance as little more than a "check the box" activity. But effective compliance can help companies differentiate themselves in the marketplace, improve their performance, identify new opportunities, and create new value for the business.

All three of these elements are necessary. Think of them as a three-legged stool, as even well-defined processes and policies for risk management and compliance can be ineffective if not closely aligned with top-level strategic objectives.

Leadership Makes the Difference in Times of Crisis

One thing is for sure: with every economic crisis comes opportunity. Some companies will go from good to great, and others will just fade away, making room for more innovative competitors. To be among the winners, executives should strongly consider best practices that provide a balanced approach to moving forward by including both cost reductions and smart investments. SAP has developed a series of Executive Insights that highlight strategies your business can use immediately to run more efficiently and improve the customer experience by helping you:

  • Drive risk and compliance activities (this paper)
  • Manage cash more systematically
  • Run leaner operations
  • Get closer to your best customers
  • Optimize your human capital
  • Protect and nurture your brand
  • Build a best-run IT organization
  • Gain deeper insight from your business information

Such practices can deliver a true competitive advantage - even in today's economy.

Benchmarking - The Facts of the Matter

The insights presented in this paper are based on decades of experience in helping our customers become best-run businesses. An important tool in these efforts is the understanding gained from measuring and comparing the actual performance of companies across a wide range of sizes and industries.

SAP conducts benchmarking and best-practice studies in many business areas including finance, supply chain, manufacturing, human capital management, shared services, sales and marketing, compliance, and IT. Analyzing the performance of industry leaders offers executives the metrics needed to assess their own company's past successes and guide today's crucial decisions.

For more information about the benchmarking and best-practices program at SAP, visit www.sap.com /usa/solutions/benchmarking or contact benchmarking@sap.com.

ALIGNING STRATEGY WITH RISK MANAGEMENT AND COMPLIANCE
THE CRITICAL FIRST STEP

 

Starting at the Top

In today's business environment, many would agree that comprehensive risk and compliance management is a critical foundation for enabling companies to optimize performance and realize core business objectives.

Consider, for example, global trade where the issues of risk and compliance are particularly demanding and complex. In recent years, there has been a growing trend among companies to source, manufacture, and distribute goods on a global basis. But with the massive opportunity of global trade comes increased risk, as companies confront mounting regulatory pressures. These range from new antiterrorist regulations to specific government mandates that require checking potential business partners against lists of prohibited parties. Failure to comply with such regulations could result in revocation of trading privileges or even imprisonment - and the likely derailment of a promising business initiative.

At the top-most level of companies, executives need to evaluate their risk and compliance practices in context of the specific directions and objectives of their organizations. Unplanned events can represent either risks or opportunities. But without strategic alignment this assessment can be difficult to make.

Closing the Gap

Once company executives fully understand the interplay between risk, compliance, and their specific corporate goals, they can begin to close the gap between strategy and execution:

  • At the executive level, ensure that your company develops the internal policies that support your business strategies. For example, if international expansion is part of your charter, ensure that your organization conducts trade policy planning on a regular basis. Identify the trade policy elements necessary to effectively support your company's markets, materials, products, services, and trading partners. During the planning process, identify applicable trade regulations and agreements, and analyze the implications on executing your key strategies. To help define and maintain these policies, consider leveraging enabling technologies and a dedicated trade compliance organization.
  • Drive top-level strategic alignment down throughout the organization. Incorporate risk and compliance as an inherent part of all business planning. Every line-of-business manager should be responsible for defining the context within which business risks are managed. This includes defining risk threshold levels and identifying business activities to be assessed.
  • Create a culture of accountability across the enterprise where managers and employees think about risk and reward collectively. Leverage a common methodology for managing key performance indicators and key risk indicators (KRIs). This provides managers and employees the ability to quickly measure progress against objectives and determine where efforts are most needed.

Applied Biosystems

Industry: Life sciences

Summary
Applied Biosystems Inc., part of Life Technologies Corp., supplies life science firms and research institutions with a host of products and services for researching genes and proteins, studying how drugs interact with the body's systems and genetic makeup, testing food and the environment for contaminants, and performing DNAbased identification.

Results with SAP® Software

  • Improved productivity - reduced operating expenses of trade compliance group by 75%
  • Significant savings in licensing, screening, and shipping
  • U.S. savings replicated across globe
  • Separation of duties and improved data integrity
  • Reduced potential compliance fees and financial risks
  • Improved executive visibility into trade compliance information
 

ESTABLISHING A RISK MANAGEMENT FRAMEWORK
A PROACTIVE AND PREVENTIVE APPROACH

Protecting and Creating Value

Understanding that strategy management and risk management need to operate hand in hand is a critical first step. However, many companies still lack a complete picture of their total risk and don't have the process support needed to coordinate daily risk management activities across an enterprise.

It's clear that companies need to articulate and monitor all risks in a consistent and structured way. This requires a comprehensive risk management framework that allows you to:

  • Recognize the full range of risk exposure within your organization. Many companies limit their risk activities to financial risk, but executives need to take a broader view. This includes considering both strategic risk (associated with your business objectives, such as growing revenue, containing costs, or entering new markets) and execution risks (associated with the day-to-day tasks required to execute your strategies).
  • Enable an aggregated view of risk across the organization. It is important to gain visibility to underlying risks across all organizational levels. Often, business groups have a siloed view of their own particular risks - and limited insight into how such risks affect the wider enterprise. Companies should be able to aggregate risk data with common naming conventions and analysis methods.
  • Protect existing value by preventing risk events from occurring. Prevention starts with identifying the proper KRIs to track your company's specific risk exposure. You should be able to continuously monitor these KRIs and evaluate the effectiveness of established thresholds.
 

Avoid Being Reactive

All too often, business owners operate reactively - only when a risk "pops up." A far better approach reduces risk events with continuous monitoring and proactive management. A tracking mechanism that lets you maintain and report risk status over time can enable a more dynamic response. Further, using automated processes that are repeatable and easy to audit allow you to develop best practices that deliver timely risk prevention and remediation.

A comprehensive risk management framework should provide for:

  • Risk planning. This includes defining roles, responsibilities, KRIs, and associated thresholds. In addition to establishing risk-relevant business activities, it is important to clearly document risk policies.
  • Risk identification. Identify key risks across all levels of the enterprise, with consistent nomenclature. Assign KRI business rules and document risk interrelationships.
  • Risk analysis. Perform qualitative and quantitative analysis. Consider both the negative impacts and potential positive consequences of unplanned events. Build risk scenarios, determine exposure, and review historical losses.
  • Risk response. Create resolution strategies for top risks that maximize return on capital. These should encompass process controls, procedures for transfer of responsibility, and approval cycles. Again, document your preventive and recovery responses.
  • Risk monitoring. Build proactive monitoring into existing business processes and strategies. Report risk exposure as well as specific incidents and losses. Monitor and evaluate response effectiveness and completeness.
 

By the Numbers

A proactive approach to risk management and compliance can deliver measurable business results. Consider, for example, these findings revealed by previous SAP benchmarking studies:

  • Companies that perform regular internal audits require on average 20% less time to close annual books.
  • Companies that have well documented processes, compliant with various Sarbanes-Oxley regulations, take on average 35% less time to close annual books.
  • Organizations that use standard analyses and reports to monitor purchasing operations and procurement processes achieve on average 30% higher savings.
  • Companies that use SAP® software for environmental compliance have on average 85% lower audit cycle times compared to companies with manual processes for environmental compliance.
 

LEVERAGING COMPLIANCE FOR COMPETITIVE ADVANTAGE
TRANSPARENCY AS DIFFERENTIATOR

"Our bottom line is that we're very satisfied with the SAP global trade software. Having faster access to goods can help us become quicker than our competition."
Hermann Grauthoff, CIO, JAB Josef Anstoetz KG

Playing to Win

Today's regulatory landscape is both formidable and evolving. Regulations concerning everything from internal financial accounting and international trade to environmental protection are rapidly changing due to increased globalization and government oversight. Moreover, companies in individual geographic regions must often operate within specific regulatory frameworks.

Like ensuring effective risk management, maintaining the necessary level of compliance with internal policies and regulatory requirements can also be extremely difficult. And the challenges sound familiar: activities siloed inside business units, manual controls, and multiple data sources.

But many top-performing companies recognize that seamless compliance can strengthen an organization's position in the marketplace. Moreover, such transparency can make a company an attractive - and low-risk - business partner. The key is fulfilling the requirements of all applicable regulations while identifying - and making the most of - all available opportunities.

Creating a Culture of Compliance

Similar challenges, similar solutions. Effective compliance also requires realtime visibility, continuous monitoring, and accountability throughout an organization. In specific, the following practices can enable more effective compliance:

  • Documenting compliance initiatives. Document necessary compliance structures using an approach that is top-down and risk-based. Identify new risks associated with evolving regulations and policies.
  • Centralizing control and process management. Consolidate standalone applications and processes to eliminate the need to integrate separate tools for documentation, testing, remediation, and control monitoring. Creating a library of all process documentation, risks, and controls across the enterprise can help ensure that your compliance activities are handled in a consistent manner and that you provide trusted data to regulatory bodies.
  • Performing regular assessment tests. Assess your controls to identify the most effective and efficient ones. Test controls for key risks using a combination of monitoring for automated controls, testing for manual controls, and self-assessments. Schedule tests in alignment with the compliance calendar, report the results, and flag issues for remediation.
  • Monitoring and remediating compliance issues in real time. Continuously monitor compliance as an inherent part of key business processes. Remediate identified issues and certify your results through formal audits and sign-offs.
 

Realizing Global Benefits

Best practices such as these can deliver significant benefits. Consider these examples:

  • Many top-performing chemical companies use integrated processes to manage compliance with volumebased regulations. With greater visibility, these companies can prioritize registration efforts, minimize supply chain disruptions, and make strategic decisions about their product portfolio. For example, companies might decide to reformulate a product to avoid future registration costs.
  • Savvy consumer product companies involved in global trade continuously monitor every sales and purchase order, and every inbound and outbound delivery, for adherence to embargoes, prohibited party lists, licenses, and regulations. This ensures proper declarations to both authorities and business partners. It also helps them identify - on an ongoing basis - where to claim reduced taxes or preferential import duties on eligible materials and goods such as those under free-trade agreements.
 

TAKING THE NEXT STEPS
A UNIFIED ROAD MAP TO BETTER BUSINESS RESULTS

Effective risk management with seamless regulatory compliance doesn't happen by accident. Companies need the right tools, techniques, and technologies to fully integrate risk-adjusted performance into their day-to-day business operations.

Companies in any industry can take immediate steps to establish a more holistic risk management framework within their organizations:

  • Conduct an audit of your business risks. Evaluate and identify all types of risks - strategic, financial, and operational. Understand the impact of those risks in both a corporate and departmental context.
  • Establish risk thresholds. Only you can determine your company's risk tolerance. Consider thresholds for both individual and combined risks. In particular, identify high-impact risks and set your response strategies accordingly.
  • Assess internal and external mandates. Gain clear visibility into the rules and regulations that affect your industry, your region, and your individual operations. With this insight, map your compliance structure and set control objectives.
  • Establish relevant policies and procedures. Define, document, and implement the necessary policies and procedures to address the specific risk and compliance issues that confront your company.
  • Implement effective controls. Use automated controls to ensure that your policies are followed as designed - while eliminating the additional risk of human error. Further, test the effectiveness of these controls on a regular basis.
 

Executive Insights from the Chief Value Office

SAP is committed to delivering value to our customers. With decades of experience working with thousands of CXOs worldwide, across all industries and lines of business, we have captured insights based on the best practices of top performers and the latest market trends. We have developed actionable, value-based recommendations to help companies chart their journey into the future. We are pleased to share our point of view in the SAP Executive Insights series.

About the Authors

Chakib Bouhdary is chief value officer of SAP AG. He is the founder of SAP's value engineering framework. His mission is to make every SAP customer a best-run business. Over the past six years, he has built a world-class organization of professionals focused on creating value along the entire IT investment cycle for prospects and customers.

Stephanie Buscemi leads solutions marketing for the SAP BusinessObjects portfolio and is responsible for go-to-market plans, cross-product solutions, and product strategy for enterprise performance management and governance, risk, and compliance. She has served in leadership roles in these areas for 14 years. Buscemi holds a BA from the University of California, Los Angeles, and is the co-author of the book Driven to Perform: Risk-Aware Performance Management from Strategy Through Execution.

SUPPORT FROM SAP
ASSOCIATED PROCESSES AND SOLUTIONS

SAP supports end-to-end, integrated processes with built-in industry best practices, including:

  • Managing business risk: Balance business opportunities with strategic, operational, financial, legal, and compliance risks to maximize corporate performance and minimize the market penalties from high-impact events.
  • Ensuring trade compliance and reducing trade duties: Lower the cost and risk of international trade with a comprehensive platform to ensure trade compliance, expedited cross-border transactions, and optimum utilization of trade agreements.
  • Managing compliance: Ensure compliance and enable risk-based process management by centrally monitoring internal controls and data across enterprise systems.
  • Managing compliance: Ensure compliance and enable risk-based process management by centrally monitoring internal controls and data across enterprise systems.

These processes are supported by a variety of solutions including the following:

  • The SAP® BusinessObjectsTM Risk Management application provides riskadjusted management of enterprise performance to optimize efficiency, increase effectiveness, and maximize visibility across risk initiatives.
  • The SAP BusinessObjects Strategy Management application helps business users rapidly align resources to execute on strategies. By clearly linking strategic plans to initiatives, performance measures, and people, you can set clear priorities that employees can act on with confidence and purpose.
  • The SAP BusinessObjects Process Control application provides continuous control monitoring across policies and regulatory requirements. It delivers unified, cross-system visibility for efficient management of multiple initiatives and increased confidence in decision making.
  • The SAP BusinessObjects Access Control application enables all corporate compliance stakeholders to collaboratively and continuously control access and authorizations to assets across the enterprise and help ensure segregation of duties compliance.
  • The SAP BusinessObjects Global Trade Services application helps you streamline complex import and export processes and compliance checks, ensure expedited customs clearance, and use automation and e-filing to optimize trade for lowest risk and minimal cost.
  • The SAP NetWeaver® Identity Management component helps you centrally manage user accounts (identities) in a complex system landscape. This includes both SAP and non-SAP systems.
  • The SAP Document Access application by Open Text is a powerful solution for archiving data and documents.
 
Searches related to Managing Performance, Risk, and Compliance for Better Business Results:
Risk Management | Risk Management Practices | Governance Risk Compliance | GRC | Business Risks | Compliance Risks | Management of Risk | Enterprise Risk Management | Risk Management Software | Risk Management Solutions | Key Risk Indicators | Kri | Risk Management System | Risk and Compliance Management | Risk-based Process Management | Comprehensive Risk Management Framework | Proactive Risk Identification | Governance Compliance Risk | Risk and Compliance Activities | Managing Business Risk | Risk Management Services | Risk and Compliance Practices | Financial Risk Manager | Risk Assessment Management | Effective Risk Management | Risk Management and Compliance Policies |
Risk Initiatives | Compliance and Risk | Risk Adjusted Performance Management Model | Enterprise Performance Management Governance Risk and Compliance | Report Risk Exposure | Strategic Risk | Financial Risk Management | Operational Risk | Risk Planning | Regulatory Compliance Risk | Risk Identification | Risk and Compliance Management | Risk Analysis | Risk Data | Corporate Governance | Risk Response | Risk Management Best Practices | Risk Monitoring | Risk Management Project | Operational Risk Management | Risk Management Audit | Risk Management Issues | Building a Better Performance Management Model | Risk Management Consulting | Sarbanes Oxley ACT Compliance | Risk Management Tools | Risk Management Analysis | Compliance Risk Management Framework | Sarbanes-Oxley Regulations | Risk Management Techniques | What is Compliance Risk | Financial Risk Management Software | Banking Risk Management | SOX 404 Compliance | SOX Audit | Sarbanes Oxley | Sarbanes Oxley Compliance Software | Information Risk Management | Aligning Strategy with Risk Management and Compliance | Risk Policies | Proactive Approach to Risk Management Abd Compliance | Risk Based | Holistic Risk Management Framework | Document Risk Interrelationships | Risk Thresholds | Risk Prevention and Remediation | Risk-Aware Performance Management from Strategy | Proper Balance of Risk Reward | Risk Insurance Management | Credit Risk Management | Risk-Relevant Information | Compliance Technology | Compliance Procedures | Market Risk Management | What is Risk Management | Audit Risk Assessment | Strategic Risk Management | Risk Management Articles | Define Risk Management | Regulatory Risk Management | Risk Management Methodology | Risk Management Products | Enterprise Risk Management Software | Corporate Risk Management | Risk Management Definition | Risk Management pdf | Risky Business Climate | Identifying Key Risks | SAP Businessobjects Risk Management Application | Risk SAP Executive Insight | SAP Benchmarking Studies | Best-practices Program at SAP | SAP Risk Management Software White Papers | SAP Businessobjects Strategy Management Application | SAP Businessobjects Process Control Application | SAP Businessobjects Access Control Application | SAP Businessobjects Global Trade Services Application | SAP Netweaver Identity Management | TEC Risk Management White Papers | Technology Evaluation Centers Risk Management White Papers |
Use this index to search for white papers related to commonly used search terms A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Others 
Recent Searches
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Others
A: 1 2 3 4 5 6 7 8 9
B: 1 2 3 4 5 6 7 8
C: 1 2 3 4 5 6 7 8 9 10 11 12
D: 1 2 3 4 5 6
E: 1 2 3 4 5 6 7 8 9
F: 1 2 3
G: 1 2
H: 1 2 3
I: 1 2 3 4 5 6 7 8 9
J: 1
K: 1
L: 1 2 3
M: 1 2 3 4 5 6 7 8
N: 1 2 3
O: 1 2 3
P: 1 2 3 4 5 6 7 8 9 10
Q: 1
R: 1 2 3 4 5
S: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
T: 1 2 3 4
U: 1 2
V: 1 2
W: 1 2 3 4
X: 1
Y: 1
Z: 1
Others: 1 2


©2013 Technology Evaluation Centers Inc. All rights reserved. Search powered by Google