ControlPanelGRC: Exceptional GRC Platform for SAP Environment

CIO VendorScott Goolik, CTO
With an ever evolving and dynamic SAP environment, enterprises find it enormously challenging to keep up with the demand of security and controls within their current landscape. SAP customers are often faced with difficulties associated with time, cost, and manual audit reporting processes. SAP security is very complex and many a times, can only be understood by certified technical experts. “Through exceptional usability, rapid implementation, and seamless integration to SAP, ControlPanelGRC is able to provide robust reporting and analytics with an easy-to understand user interface,” points out Scott Goolik, CTO, ControlPanelGRC.

ControlPanelGRC is an easy-to-use, yet powerful GRC continuous controls monitoring platform that automates compliance and audit-relevant tasks for IT and SAP security professionals. Gone are the days of time consuming compliance reporting where a manual report is run on a periodic basis. ControlPanelGRC solutions operates on a “push versus pull” mentality for compliance and audit reporting where the software “pushes out” an automated report based on the organization’s unique compliance requirements to a business user on a monthly or weekly basis. “Our automated solution is very powerful because you no longer have to rely on a manual process to execute a report,” says Goolik. ControlPanelGRC’s understanding of the four main compliance areas, are reflected in the four solutions suites— Access Controls, Process Controls, Basis Controls, and Security Accelerators.

The Access Controls suite functions upon the principle of “get clean and stay clean.” It assesses compliance failures, segregates duties, and along with the usage data, provides a remediation plan.

“We use an emergency access to provide elevated rights to people for a short period of time to get around an issue. Combining workflow, we can get a documented review to verify that the access granted and changes processed were reasonable,” says Goolik. Access Controls addresses periodic access reviews, changing entitlements, and critical transactions.

Process Controls evaluates the business process, configuration, master data, and transactional data for risks. The Enterprise Risk Management module allows a company to capture risk outside of the SAP system to provide the necessary documentation and testing.
Basis Controls is a technical infrastructure, handling chain control for SAP for development and quality.

Consequently, Security Accelerators automate password resets from a webpage and casting tools for SAP security. Through a problem solving-focused, ControlPanelGRC addresses security risks not all companies may be aware of. When a medical device company’s segregation of duty (SOD) and SAP security became too large, they turned to ControlPanelGRC for assistance. “They purchased the Access Controls suite and utilized our remediation capabilities which effectively took care of SOD conflicts,” says Goolik.

ControlPanelGRC provides robust reporting through an easy-to-understand user interface —making companies always audit ready!

By rapidly deploying ControlPanelGRC, the customer was able to be completely SOD conflict free within 6 months of implementation.

“Our work is a continuous improvement cycle. Unlike other solutions, ControlPanelGRC is written, implemented and supported by GRC professionals. The focus is creating a new and innovative solution, in order to make our customers as efficient and effective as possible,” says Goolik. It takes a good deal of listening, and customer-focus to continuously evolve our solution to meet the ever changing audit requirements SAP customers are tasked with. Developed by SAP professionals for SAP professionals, our Solution Suites provide the robust functionality companies need to meet SAP compliance requirements.

“We now have mobile app for ControlPanelGRC users, which can be downloaded to enable various approvals and reviews directly from a mobile device or a tablet,” he adds. Along with continued investment in the Process Control solution and enterprise risk management, the company is looking forward to tailor methods to combat corruption in the compliance space.


Milwaukee, WI

Scott Goolik, CTO

GRC platform that automates compliance and auditrelevant tasks for SAP IT and security professionals.