Winterhawk Consulting Accelerate Governance, Mitigate Risks and Ensure Compliance

CIO VendorCharles Braswell, Managing Partner
Being a passionate professional with more than 15 years of experience implementing and upgrading financial and compliance software products, Charles Braswell was moved by the varied processes, inconsistencies and duplicities affecting the Governance, Risk, and Compliance space. “The companies are still struggling to address the various aspects of GRC across the entire organization, as they are stalled by the traditional siloed focus and a lack of a holistic view,” says Braswell. This compelled him to found Winterhawk Consulting—a SAP Services Partner and global provider of GRC services with three other collegues, Kim Barnett, Rick Wilson, and Bill Oliver, who have similar skills and backgrounds.

Headquartered in Lakeland, FL, Winterhawk Consulting specifically focuses on implementing SAP GRC products including SAP GRC Access Controls, SAP GRC Process Controls, SAP GRC Enterprise Risk Management; designing and deploying SAP Security Roles; and implementing Identity Management (IDM) solutions. The company also specializes in assisting organizations with Segregation of Duty (SoD) remediation efforts; migrating customers from Approva BizRights’/Approva One products to SAP GRC products;and providing comprehensive SAP Audit services like SAP Pre and Post Implementation reviews, SAP Application Control reviews,

The companies are still struggling to address all the various aspects of GRC across the entire organization, as they are hindered by the traditional siloed focus and a lack of holistic view

SAP Application Control testing, SAP GCC reviews, SAP GCC testing and SAP Control Rationalization.

Braswell feels that the regulatory and compliance landscape of today requires companies to ensure critical business applications such as SAP are properly secured and adhere to stringent guidelines related to privacy, proper segregation of duties, and limiting access to sensitive business and system transactions. However, within a SAP environment, the challenge of meeting these rigorous standards is compounded by the complex SAP Security model and the frequent changes occurring in the dynamic global businesses that run SAP. Winterhawk’s solutions address the business, technical, and compliance aspects related to delivering reliable SAP Security and Role Design Services, SAP GRC Services, SAP Audit Services, and IDM solutions.

In addition to SAP GRC and SAP Security implementations, SAP GRC Independent Verification and Validation, and SAP GRC Managed Services are two additional offerings provided by the firm. Winterhawk’s SAP GRC Independent Verification and Validation Service targets customers who desire to have an independent unbiased opinion on whether or not their SAP GRC project objectives, requirements, and goals are met by the organization’s SAP GRC integration partner. Whereas, SAP GRC Managed Services are focused on providing customers with Winterhawk’s resources, either domestically or offshore, that work transparently with the client’s SAP GRC team and provide the skill sets that are so difficult to find in the market today.

Winterhawk has developed implementation methodologies and project accelerators that significantly reduce the cost, level of effort, and duration of implementations. “Our project methodologies and accelerators focus on streamlining processes and automating tasks in order to provide our customers increased ROI on their GRC investments”, stated Braswell. The company’s ability to take an implementation process, break it down into repeatable steps and optimize the implementation through automation allows Winterhawk to offer customers fixed pricing on many of their projects.

Going forward, the company will focus on providing services and implementing products complimentary to its core GRC competency such as SAP’s Business Planning and Consolidation (BPC) and Onapsis’ X1 (an SAP Cyber Security product).

Winterhawk Consulting

Charles Braswell, Managing Partner

An SAP Services Partner and global provider of GRC services