Winterhawk has grown from a boutique to become the leading global SAP GRC and Security specialist. We support in excess of 3 million users, ranging from large enterprises through to smaller mid-sized organisations – everyone needs data protection!

Our client success stories, from across more than 20 different business sectors, demonstrate how companies are harnessing the power of GRC, and benefiting from our range of Regulatory, Cyber and Identity consulting services.

A selection of some of our most recent Case Studies:

• SAP GRC tailored Education Programme (Aerospace)
• SAP Security Role and User Audit Remediation (Aviation)
• SAP ECC to S/4 HANA Security migration project (Energy)
• Remediation of a Global Trade Services deployment (Logistics)
• Implementation of SAP Business Integrity Screening with FCPA content
• Implementation of SAP Access Control to SAP SuccessFactors
• Development of enhanced GRC reporting leveraging SAP Cloud Analytics
• Implementation of SAP GRC Access Control (Leisure)
• SAP Security Remediation (Life Sciences)
• Innovation: Development of Robotics and Machine Learning for GRC
• Process Control implementation with content (Oil Refining)
• SAP GRC Access Control 12.0 Implementation (Aviation)
• GRC Managed Services (Public Service)
• Audit Remediation and building new risk framework (CPG)
• Implement GDPR controls including HR separation (Life Sciences)
• SAP License Management and Remediation (CPG)
• SAP Identity Management Support and managed services (CPG)
• Implementation of SAP GRC Access Control (Medical Supplies)
• Data Visibility Remediation, IAM and IDM assessments (CPG)
• Access Control Implementation (Manufacturing)
• SAP Process Control implementation (Chemicals)
• SAP Security Remediation (Heating & Ventilation)
• SOD assessments and managed services (Food Services)
• GDPR and Cyber Services (Telecommunications)
• SAP Audit Management implementation (Chemicals)
• Low cost GRC Managed Services (Chemicals)
• Architecting a new SAP Governance model (Automotive)
• Building and Remediating Regulatory Controls (Financial Services)
• Addressing SAP Joiner, Leaver and Mover Processes (Financial Services)
• Building out Continuous Controls Monitoring (Engineering)
• Building Process Controls & Risk Frameworks (Automotive)
• Enhancing GRC Controls and Processes (Retail)
• GDPR content and deployment of SAP GRC Process Control (Retail)
• Audit Management Training and Planning (Private Healthcare)
• SAP Security S/4 HANA deployment (Education)
• Microsoft Active Directory review (Public Sector)
• SAP Risk Management implementation (Chemicals)
• GRC Access and Process Control deployment (Beverage)
• SAP Security & SAP Cybersecurity review (Utilities)
• SAP Tax Compliance deployment services (Retail)
• SOX, GDPR services content for GRC solutions (Media)
• SAP GRC Process Control Rapid Deployment (Oil and Gas)


“It’s always a pleasure working with skilled and highly competent resources. Winterhawk is a strong and reliable partner with a good understanding of our business complexity and ability to adapt any project to that.”
Christina Svendsen
Carlsberg, Head of IAG

“Winterhawk quickly demonstrated that they were SMEs in regulatory compliance. They helped us assess our current position for GDPR compliance and the steps needed to attain compliance. The plan came together in no time. I would strongly recommend.”
Eva Skeel
Føroya Telecom, Head of HR

“Winterhawk continually demonstrates strong expertise in the fields of Identity & Access Management, SAP GRC and SAP Security. In addition to project-related activities, they have quickly become an integral part of our Support and Managed Service Teams.”
Dror Orbach, Illumiti,
Chief Operating Officer

“We required education and training to re-establish the base use and understanding of our SAP GRC system which Winterhawk provided. Going forward, enables better use of the available functionality, having identified areas for improvement.”
Jonathon Damrel
GKN Aerospace, SAP Lead

Get in touch

Contact us to discuss your organisation’s needs.