本研究針對台灣某家水泥公司導入企業治理、風險及遵循(Governance, risk management, and compliance簡稱GRC)解決方案之SoD (Segregation of duty)專案進行研究觀察,提供企業在導入ERP之後,欲進行導入企業治理、風險及遵循解決方案時之參考。由於個案公司已導入ERP專案,所以不論在流程方面或系統操作方面都已有充份的知識與能力。當然在專案導入的過程中,也是會遭遇到一般ERP導入時會遇到的問題,如人為配合等。在經歷多次研討會議與系統反覆驗證,成功導入職責分離資訊系統。 透過GRC專案的導入,使個案公司對SAP ERP系統的投資發揮最大的效用。以往企業實施ERP主要是為了滿足業務流程的自動化,若內部控制也能夠自動化,就能達到管理階層所要的控制目的,對風險能夠持續監測與控制。 In this case study, one cement company in Taiwan implement the solution of corporate governance, risk and compliance (GRC) - SoD project was observed. This provides a good reference for enterprises which have been implemented the ERP system plan to implement corporate governance, risk and compliance solutions. In this case company has been implemented the ERP project, so people both in business processes or systems operations already have sufficient knowledge and ability. Of course, during the process of implementing the project, the general ERP implementation issues encountered, such as human co-ordination. After many workshops, conferences and system verifications, the case company successfully implemented the SoD information system. Through the GRC, the case company's SAP ERP system has maximized their investment. Before, the companies implemented the ERP system is mainly to fulfill the business process automation. If internal controls can also be automated, we can achieve the management control purposes, and risk monitoring and control can be sustained.
