FAQ

What is the Integrc Support Centre?

The Integrc Support Centre was created in response to customer demand for lower cost, specialist GRC & security support, advice and operate services. From our near shore centre in Northern Ireland, we are able to provide project and support services focussed on high quality, lower cost delivery. We run short term projects and long term managed support and operations services from this centre, including managed security, managed GRC and compliance assurance.

We have proven that using the Integrc Support Centre can be more cost effective than hiring contractors, as well as providing benefits such as reducing your risk, only paying for what you use, continuity of service for holiday and sickness, easy and fast access to expertise, and enabling you to focus on what you want to focus on.

What are Integrc’s credentials?

Integrc has probably the largest and most experienced team of independent SAP security and GRC professionals in the world. We have experience from over 500 projects, covering matters as diverse as the latest Process Control solutions, numerous ERP upgrade projects, many role re-designs and green field implementations. Our consultants are all specialist in SAP security/GRC with an average of 8 years of relevant experience.

Where does Integrc operate?

Integrc is a global provider with operating centres in Europe, India and Middle East. Projects can be run from our staff in these centres, supported remotely by the Integrc Support Centre. Integrc has delivered GRC services in over 30 countries worldwide. Integrc’s founding was in Europe, and the largest pool of resources is still currently based in Europe in our major centres in the UK and the Netherlands.

What happened to su53 and to CSI?

After several years of tactical co-operation, the two companies combined in a 50:50 merger in 2012 to form Integrc, the world’s leading independent consulting firm for independent GRC services for clients using SAP. The capabilities, tools, assets, investments and people from both companies were fully retained, bringing a highly capable team together with experience across some 300 clients.

How do I put together a business case for implementing a GRC solution?

Integrc has worked with many organisations to help establish the business case for implementing a solution to meet their Governance, Risk and Compliance needs. We have devised a model that takes variables specific to your circumstances and calculates what the return on investment is likely to be. We have already done the hard work on this by building the model so that you can get a quick answer as to what the likely benefits.

How should I prepare for an upcoming audit?

Some of our consultants have a pure background in systems auditing, others are fully CISA and CISM accredited, others have worked for the “Big 4”. This enables us to advise companies on what their auditors will be looking for and how to manage issues before they are reported. The audit bar continues to be raised year on year Integrc is perfectly placed to help you stay ahead of the game.

Our Risk Review service is ideal for looking into the issues that could be raised by your auditors. The review identifies any issues and recommends what course of action is required to remediate them. Segregation of Duties is still the most commonly flagged issue in audits. Integrc can manage these for you with powerful continuous compliance solutions, or event a one off or periodic assessment of your users and roles.

How can I reduce the cost of SAP security management?

Integrc is focused on helping customers to reduce the cost of managing GRC & security related operations. Call us to learn about our passion for helping you to get more for less, and examples of where we have achieved this. We have innovative solutions for expediting projects, minimising the cost of on-going support, reducing project costs and can also advise you on the best use of technology to automate processes and ensure compliance.

How should I manage Segregation of Duties issues?

Due to the complexity of analysis, you will almost invariably need a tool to enable effective Segregation of Duties reporting and management. There are a wide range of tools on the market with a wide range of functionality on offer across all price brackets. Integrc is able to advise and help you assess which product is the best for your individual circumstances in terms of available budget, product functionality and your objectives for SoD management.

What is business GRC?

A distinction should be made between the term Governance, Risk and Compliance and the technology that supports it. GRC is often used to describe technology but GRC is about more than just technology, it is also about people and processes. It enables organisations to understand their stakeholder expectations and meet those expectations through policies that minimise risk and maximise performance whilst operating within legal, ethical, contractual and your own voluntary boundaries.

Do you only work with SAP?

No, but we are specialists that focus on clients that use SAP. However most such organisations inevitably use other applications and in many situations want to have a cross applications view of GRC. That means we don’t tend to work with clients that don’t use SAP, but we work cross process and application for those that do.

Our experience and view is that clients using SAP tend to look towards SAP solutions first, and SAP’s GRC product portfolio is generally recognised as a market leader. We are independent but our experience is that SAP GRC is one of the strongest, safest and most future-proof solutions available. Support and integration is excellent, and current and roadmap functionality is strong. Integrc stays close to SAP to understand – and influence – product direction. If SAP GRC is the best solution for you, you will find no more experienced or better able organisation to help you: if however we feel SAP GRC is not the right solution for you, we will say so and explain why.

Why should I implement SAP GRC Access Control?

The business case for SAP GRC Access Control is compelling. This technology can deliver strong benefits in terms of enabling organisations to manage access related risk and drive down costs. In most cases, we find that the driver for implementing Access Control is audit related where there is pressure to manage Segregation of Duties violations or super user/emergency access. For these cases, customers implement the Risk Analysis & Remediation (RAR) and Super User Privilege Management (SPM) applications. Whilst customers may achieve a reduction in audit fees resulting from using RAR, there are also significant cost saving opportunities by implementing the Compliant User Provisioning (CUP) application where provisioning and de-provisioning SAP access can be automated for production and non production systems. Other functionality within CUP such as password self service and user access reviews are further opportunities to automate key areas of SAP user management with the result being cost saving, reduced risk, improved efficiency and better service being provided to the end user.

Why should I implement SAP GRC Process Control?

The business case for process control is often easy to prove and significant. Benefits arise from reducing control operation costs, control testing costs, and by improving controls. In key business process areas the improvements can have quick financial paybacks: tackling duplicate payments, optimising supplier discounts, accelerating positive cashflows, enforcing consistent procurement, reducing stock write-off tolerances – these are typical areas in which returns can be achieved swiftly. The use of control automation itself both improves the frequency of control operations and removes the need for manual intervention, with just exceptions being flagged for action.

Are you looking for additional people?

Yes! Integrc is growing quickly and perhaps the key to continued delivery excellence is having the best people – people who understand and have a passion for GRC & security, and who fit into the dynamic and specialist culture of Integrc. If that’s you, or you know someone like that, then please get in touch straight away. Please visit our career page for more information.