SAP Audit Management vs ServiceNow Governance, Risk, and Compliance

Likelihood to Recommend

SAP Audit Management is the absolute best software available for large, multi-national companies that have dedicated internal audit resources. Further, due to the implementation costs, I would only recommend a company to be serious about purchasing this software if external audit expenses were upwards of $2 million per annum. Also, better suited for an organization that already has solid audit procedures in place but wants to integrate them and increase audit efficiency. A company starting from scratch would not value this particular software as much because integration becomes less important in that scenario.

Read full review

Jeff Looby, CPA

Associate

Credit SuisseBanking, 10,001+ employees

View all 3 answers on this topic

Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.

Read full review

Verified User

Manager in Finance and Accounting

Mining & Metals Company, 10,001+ employees

View all 6 answers on this topic

Feature Rating Comparison

SAP Audit Management

ServiceNow Governance, Risk, and Compliance

Common repository of GRC items

Risk management

Integration with Corporate Performance Management (CPM) systems

GRC policy management

Incident management

Pros

Integration with SAP Risk Management, SAP Process Control, and Access Control.
Simple user interference and drag and drop option
Both on-premise or cloud deployment option

Read full review

Verified User

Professional in Information Technology

Automotive Company, 10,001+ employees

View all 3 answers on this topic

Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this.
Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these.
Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one

Read full review

Verified User

Engineer in Information Technology

Information Technology and Services Company, 1001-5000 employees

View all 6 answers on this topic

Cons

New users may sometimes find it complicated getting used to it which requires training tutorials - definitely not the basic ones.

Read full review

İhsan Akkarpuz

STA Site Engineer (CV Car, B Car, Cargo, Engine, Transmission)

Ford OtosanAutomotive, 10,001+ employees

View all 3 answers on this topic

Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes.
Easier way to implement workflow.
Offering better metrics without buying add-on tools.

Read full review

Nick Bettes, CRISC, MBA

IT Risk & Compliance Manager

King & SpaldingInformation Technology and Services, 10,001+ employees

View all 6 answers on this topic

Usability

No score

No answers yet

No answers on this topic

ServiceNow Governance, Risk, and Compliance 7.2

Based on 4 answers

I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.

Read full review

Verified User

Manager in Finance and Accounting

Mining & Metals Company, 10,001+ employees

View all 4 answers on this topic

Support Rating

SAP Audit Management 8.7

Based on 4 answers

This tool helps internal auditors for scoping, risk assessment, resource management, and project management of internal audits. Due to the streamlining and automated audit process, it lowers audit cost and time for auditing. This can be integrated with analytics tools for risk analytics and make KPI of higher management. Issue tracking, audit, and log report generation are very simple.

Read full review

Verified User

Professional in Information Technology

Automotive Company, 10,001+ employees

View all 4 answers on this topic

ServiceNow Governance, Risk, and Compliance 7.4

Based on 4 answers

It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.

Read full review

Verified User

Manager in Finance and Accounting

Mining & Metals Company, 10,001+ employees

View all 4 answers on this topic

Alternatives Considered

I wouldn't say there is a true peer to SAP Audit Management currently available on the market. SAP Audit Management is the only software that is. It is designed by and developed for audit practitioners across the world. Further, the software unlocks the disparate information for Internal Audit departments and supports audit experts in their day-to-day activities with an easy to use. collaborative, and risk-based approach towards audit procedures.

Read full review

Jeff Looby, CPA

Associate

Credit SuisseBanking, 10,001+ employees

View all 3 answers on this topic

TraceGP is a project management tool that was customized to work with ITIL. But, nothing ITIL-like. And as we needed a tool that was really "compatible" with ITIL, we discovered in ServiceNow a real tool that could help us. We can now do things like, for example, find an incident that was related to a specific problem.

Read full review

Verified User

Technician in Information Technology

Banking Company, 51-200 employees

View all 6 answers on this topic

Return on Investment

SAP product aids in following up on the assignments of our annual MSA audits.
The user-friendly interface makes our meetings more efficient and saves time.

Read full review

İhsan Akkarpuz

STA Site Engineer (CV Car, B Car, Cargo, Engine, Transmission)

Ford OtosanAutomotive, 10,001+ employees

View all 3 answers on this topic

Mostly cultural change. If teams aren't aware of the new implementation of GRC and they get a request to answer questions, it can be confusing. This is cultural and not a con against the product.

Read full review

Verified User

Engineer in Information Technology

Information Technology and Services Company, 1001-5000 employees

View all 6 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Rating Summary

SAP Audit Management

ServiceNow Governance, Risk, and Compliance

SAP Audit Management

ServiceNow Governance, Risk, and Compliance

SAP Audit Management

ServiceNow Governance, Risk, and Compliance

SAP Audit Management vs ServiceNow Governance, Risk, and Compliance