SAP Risk Management

Business Challenges

Companies struggle to manage IT, operational, and strategic risks in an integrated way.
Board members are demanding more information from security and risk management leaders about integrated risk management.

Cost – Historically with SAP, you first have the license cost, and then, a potentially large expenditure on the deployment, as well as needing to become solution experts to support post implementation. Winterhawk have removed the entire capital expenditure aspect, providing a free deployment of SAP Risk Management with a then ongoing support service tailored to the size of your organization.

Solution Value

Gain value by providing insight into value-adding risks
Define and configure your business value drivers
Identify and configure the activities that create that value
Provide insight into how risks and controls can be optimized to meet strategic objectives

Minimize and eradicate unnecessary losses
Define and configure critical non-value-adding supporting activities and compliance activities
Identify and manage risks that can result in unnecessary losses
Balance acceptable residual risk with the cost of control and compliance

Scan for emerging risks
Continuously survey and assess emerging risks and opportunities
Continuously monitor risk levels, risk drivers, and risk indicators
Integrate risk management with control, compliance, and audit management

Licensing

Available either On Premise (client hosted – perpetual license) or via Cloud for Risk Management (SAP hosted – subscription license).

Preserve and grow business value

Get detailed insight into how risk drivers can impact your business value and reputation – with SAP Risk Management software. The powerful ERM tools support risk identification, assessment, analysis, and monitoring. Track key risk indicators (KRIs), align risk events with their potential consequences – and make responsible and defensible risk-aware decisions.

Functional Capabilities

• Risk strategy and planning: Define risk-relevant business activities, set up your organisational risk hierarchy, and assign risk appetite, risk owners, and responsibilities. Develop risk libraries to structure and report on risk assessment results – and define your KRI framework to automate risk monitoring.
• Risk identification: Document the potential root causes and consequence of risks – and identify the relationship between risks and events. Capabilities include: defining survey questions, documenting activities, proposing risks, and documenting risks and opportunities.
• Risk analysis: Run quantitative and qualitative risk analysis to determine the likelihood of occurrence and the potential impact of identified risks. Capabilities include: conducting assessments, building risk scenarios, scenario analysis, performing Monte Carlo simulations, risk response, and documenting responses and enhancement plans.
• Risk monitoring: Analyse and report on your company’s risk situation. Capabilities include: documenting incidents and losses for risk events.

Technical Capabilities

SAP Risk Management includes enterprise risk content and tools for industry-specific operational risk management.

• Graphical View: Supports creation and analysis of risks using graphical view
• Data Monitoring: Monitor application data from internal and external systems in real time
• Workflow: Use workflow to automate processes

Automated monitoring:

• CCM library: Automated continuous controls monitoring
• KRI library: KRIs organised by risk drivers, risk categories, and industries