Thomas Frenehard

Thomas Frenehard

About Thomas Frenehard

Thomas Frénéhard is a director in the Governance, Risk, and Compliance Solution Management team at SAP. His particular responsibility is with SAP Risk Management. Thomas's other functional areas of focus are in internal control and compliance management and audit management. In this role and in constant interactions with SAP’s network of partners, clients, and internal stakeholders, Thomas is responsible for bringing together technology, skills, and products to deliver an always-compelling solution for enterprise risk management.

hiker climbing at Mount Everest National Park

Top Risks For 2020, And How To Involve All Stakeholders

23-Mar-2020 | Thomas Frenehard

Part 11 in the “Controls and Risk Management” series Predicting risks is sometimes more of an art than a science. And this blog isn’t about our current state of preparedness for a pandemic sc

Satellite image of the Earth at night

Risk-Based…Well, Everything, Really!

16-Mar-2020 | Thomas Frenehard

Part 10 in the “Controls and Risk Management” series Since I started working in GRC software, and actually even sometime before, when I was working on audit topics, a recurring concept has been

Boy putting euro coin into piggy bank

Creating A Business Case For A Governance, Risk, And Compliance Solution

9-Mar-2020 | Thomas Frenehard

Part 9 in the “Controls and Risk Management" series A few years ago, I published a blog that generated over 8,500 views and many offline comments: "Return On Investment For Your GRC Program, Anyone

young girl using microscope in science class

Automated Screening: Know More About Companies You Do Business With

2-Mar-2020 | Thomas Frenehard

Part 8 in the "Controls and Risk Management" series In addition to traditional post-process controls, more and more organizations have to enforce proactive screening and monitoring of the organizat

Business team working with reports

What Makes A Good Report Template In A GRC Solution?

24-Feb-2020 | Thomas Frenehard

Part 7 in the “Controls and Risk Management" series I was recently in a discussion with our development team, and the topic revolved around potential enhancements to the reporting that we include

a long winding road on the hillside of a rural area

Risk Management Project: Where Do I Start?

17-Feb-2020 | Thomas Frenehard

Part 6 in the "Controls and Risk Management" series Whenever I talk to customers who decide to embark on a risk-management project, wherever they are in the world, one question always kick-starts t

A canal in Copenhagen Denmark

What’s In A Risk Management Information System?

10-Feb-2020 | Thomas Frenehard

Part 5 in the "Controls and Risk Management" series I have been working in the governance, risk management, and compliance software arena for over 15 years now, and even though some consider it a

candles spell happy birthday

SOX Is Turning 18, But Still Requires Much Attention

3-Feb-2020 | Thomas Frenehard

Part 4 in the Controls and Risk Management series This year, we’ll be celebrating the 18th anniversary of the introduction of the Sarbanes-Oxley Act. Nicknamed SOX, SOA, or Sarbox, the act is has

Team celebrates their chief security office on her accomplishments

The Chief Information Security Officer Is Not The Enemy

27-Jan-2020 | Thomas Frenehard

Part 3 in the Controls and Risk Management series A few days ago, I was having dinner with a friend who happens to be the chief information security officer (CISO) at a midsize software startup.

Woman stands at a table working on her laptop

The Use Of Risk Scenario Analysis

20-Jan-2020 | Thomas Frenehard

Part 2 in the Controls and Risk Management series Risk scenario analysis is often considered to be a complex technical method involving many mathematical computations. This unfortunate reputation i