What GRC (Governance, Risk, Compliance) solutions are other companies using with SAP ECC and S/4HANA? We are currently running SAP ECC with the old non-supported SAP GRC module (GRC Access Control v10.1) and are now considering non-SAP GRC solutions, and also considering the solution for S/4HANA.  The primary GRC functionality that we require / use is:  1) Access Control (includes Segregation of Duties and Critical Access) 2) Fire Fighter 3) User Access Management

Hi

CURA is a solution I used in my previous job. It was used at enterprise level down to each business unit to define and manage their internal risks. It's useful for overall view of our organization risk.

I would highly recommend looking into SAP Cloud SaaS alternative, which may replace SAP GRC in the future, called SAP IAG (Identity Access Governance). There are always 3rd party GRCs, if you really want to do 3rd party, but with SAP Cloud transformation, I would do IAG with SAP Cloud Identity Services to really have a integrated and standard integrations, if your landscape is more of SAP. Look at a 3rd party if you would like to go beyond SAP systems for scope. Even then IAG, and SAP SCI supports APIs, SCIMs ...