Improve Internal Controls with Governance, Risk, and Compliance Solutions

Jay Castleberry
Director, Technology Delivery & Maintenance
Southern California Edison
WWW.SCE.COM

Southern California Edison (SCE) Company Overview

• One of the largest electric utilities in North America
• More than 14 million customers
• More than 17,000 employees
• Major organizational units:
  – Transmission & Distribution
  – Nuclear Generation
  – Supply Chain Operations
  – Customer Service
  – Information Technology
• SAP landscape – HCM, FICO, OS, EAM, SRM, CRM, SUS, BW, GRC, etc.

Governance, Risk, and Compliance (GRC*) Drivers

Overarching standards, processes, and priorities

Opportunities and Business Drivers:
• Provide reasonable assurance
• Integrate Compliance
• Realize operational efficiencies
• Promote compliance excellence and personal responsibility
• Enhance executive visibility
• Ensure clear line of sight
• Leverage best practices
• Leverage best practices across the company

* In this context, 'GRC' does not refer to 'General Rate Case'

Leveraging Existing SAP GRC Investment

Strategic, long-term investment in SAP’s GRC technology

• Baseline: Install SAP Access Control 5.2 and SAP Process Control 2.5
• Build: Enhance and Build onto Existing Baseline Functionality
• Upgrade: Migrate Existing Functionality to version 10.0 & Leverage Inherent Enhancements
• Expand: Implement SAP Risk Management 10.0 and Enable Integrated Capabilities

GRC Maturity at SCE

Past, Current, and Desired Future State

[Figure: Stages of GRC Capability Maturity at SCE, plotted against Stakeholder Value]
• 2009: SOX Compliance
• 2010: IT Compliance
• 2011: NERC CIP
• 2012: GRC 10.0 Upgrade, ERM and ECMS
• 2013+: Access, EH&S, HR, etc

GRC Maturity at SCE – SOX Compliance

SOX Compliance, 2009

Benefits:
• Automated segregation of duties (SoD)
• Continuous controls monitoring
• Workflow automation
• Single system of record

GRC Maturity at SCE – IT Compliance

IT Compliance and NERC CIP, 2010-2011

Benefits:
• Enabled monitoring
• Enabled automation
• Leveraged workflow

Qualifications, Revocations, Access List

GRC Maturity at SCE – Enterprise Compliance

GRC 10.0 Upgrade and ECMS, 2012

Benefits:
• Catalog
• Workflow / Controls automation
• Policy management
• Increased performance and robustness
• Ease of use
• Business role management

GRC Maturity at SCE – Risk Management

Addition of SAP Risk Management, 2012

Benefits:
• Ability to quickly survey
• Focus on most relevant key risks
• Automation of workflow and data approval
• Systematic sign-off of enterprise risk data
• Version control
• Customizable reporting

GRC Maturity at SCE

Past, Current, and Desired Future State

• Continue to broaden use of v10.0 to other areas of compliance and enable linkage of data elements
• Enterprise Wide Identity Access Management

SCE’s Vision for 2013 and Beyond

Moving to the Risk-Intelligent Maturity State

• Expand continuous control monitoring
• Increase visibility to further compliance areas
• Enable linkage between data elements
• Replace additional legacy compliance systems
• Expand and integrate enterprise wide identity access management capabilities with GRC

Lessons Learned

• Ensure adequate level of executive sponsorship
• Look for value beyond compliance
• Define a roadmap for execution
• Start communication early
• Involve subject matter experts (SMEs)
• Leverage existing assets and investments
• Use a common methodology to continuously assess risk
• Develop a platform for current and future requirements

Thank You for Attending

Jay Castleberry
[email protected]
www.SCE.com