SoD (Segregation of Duties) and GRC (Governance, Risk, and Compliance) experts are vital members of any publicly traded organization that relies on SAP.
In the long run it can be a rewarding and lucrative position that greatly influences the procedures and bottom line for businesses large and small. SoD (Segregation of Duties) and GRC (Governance, Risk, and Compliance) experts are vital members of any publicly traded organization that relies on SAP. In the long run it can be a rewarding and lucrative position that greatly influences the procedures and bottom line for businesses large and small.
Given its highly specialized nature, you might not be sure how to even begin breaking into this glamorous field. Below we will break down our top 3 tips for getting on the right path to becoming a true GRC expert for SAP environments.
1. Accumulate experience from live projects.
The folks at the SAP education platform stress that the best way training to become a “SAP guru” is via SAP education offerings. While knowledge of the basics is important, the true secret to raising your value (and marketability) as a SAP authorization (or GRC) expert is experience. Like all specialized fields, it’s your experiences in different scenarios and procedures that will set you above other candidates.
But how do you get experience as a beginner starting out?
When searching for opportunities, it is crucial that you are in a position where you can be trained and work on actual projects. This might mean that you start with a very low salary but if it’s a good company with projects where you can learn a great deal, it will be worth it in the end.
You should think of this first position as your GRC “boot camp” in which you get your hands dirty and get that first project on your resume. You will have to work hard, call in favors, network, and tap into your connections in order to find the right place but settling for a maintenance role is not worth the time investment or the forgoing of a normal salary.
If you are only working on the “maintenance” phase of a project that recently finished, you may occasionally have the opportunity to maintain a Segregation of Duties (SoD) rule, amend some Firefighter workflows or change an authorization, but that is the most you can hope for which is not enough.
2. Never stop learning
While experience trumps all, you need to supplement your lived-skills with learning if you want to rise to the top.
As you are working on your projects, broaden your knowledge of the SoD and GRC fields by reading books, participating in Q&A forums, keeping up to date with web articles, videos, and more. LinkedIn groups such as GRC Professionals, SAP GRC Network, SAP Security & GRC Consultant, and Global Corporate Fraud and Compliance Professionals can also keep you well informed and help you network. The general SAP education platform is also always a good option as well.
We all know that the best way to learn is by listening, so make sure you are always alert, ask good questions, carefully listen and understand answers. and continually observe the habits, actions, and philosophies of experts you admire during your first year on the job and really throughout your career.
3. Connect with a mentor
At this stage it is vital that you seek out a professional who is an expert in your desired field. Preferably someone who is in a senior position at your organization, who can act as your mentor and not only seriously assist in the level of training and career direction you desire but also connect you to other key people who can help you along the way.
The Big Four audit firms (Ernst & Young, KPMG, PwC, and Deloitte) are great places to look for a top SAP GRC mentor. These companies foster senior consultants who regularly enjoy mentoring ambitious new people.
Follow these three steps and you will be well on your way to being that “SAP guru.” If you are already a GRC expert in SAP, we would love to hear from you. What is your best advice on how to get started? Please share your thoughts in the comments.