BANGALORE
SEPTEMBER 20, 2006

Building on its existing GRC (Governance, Risk and Compliance Management offerings), SAP Asia Pacific announced three new service-oriented architecture (SOA)-based applications designed to create a governance, risk and compliance foundation for all types of companies.

SAP solutions for GRC will work together to serve as the building block for an end-to-end compliance solution.

Built on top of this foundation will be enterprise services that meet the rigorous requirements of numerous industry-specific GRC mandates. SAP will drive continuous innovation on top of each of the three new GRC applications.

The three new applications are SAP GRC Repository, SAP GRC Process Control and SAP GRC Risk Management.SAP GRC Repository will document and maintain GRC information in a single central system of record, including corporate policies, board of director minutes, regulations, compliance and control frameworks as well as key business processes. It will also store and link risk and control libraries to multiple control frameworks and to international regulations. This centralization of key GRC information simplifies risk management, promotes business transparency and cuts the costs associated with GRC initiatives.

SAP GRC Process Control will offer a risk-based approach that aligns key controls to business risks in order to promote desired employee behavior and optimize business processes. The process control application will automatically aggregate business process risks for the entire enterprise, provide supporting evidence of compliance, pinpoint control violations to prioritize corrective action and prevent material weaknesses from developing and persisting. The software will integrate automated control monitoring for SAP and non-SAP applications.

SAP GRC Risk Management will help customers to implement collaborative risk management processes that provide a thorough analysis of key business risks at multiple levels of the enterprise, across organizational entities, business processes and IT infrastructure. SAP has designed intuitive and collaborative processes to guide professional risk managers and business owners in identifying financial, legal and operational risks, analyzing business opportunities in light of these risks, and developing appropriate responses.

General availability for SAP GRC Repository and SAP GRC Process Control will be November 30, 2006. SAP GRC Risk Management will ship in December 2006. All three products will be sold individually.

Page(s)   1