SAP has announced a new range of three compliance products.

The applications are based on SAP's new service-oriented architecture (SOA) and offer companies help with repository, process control and risk management functions.

In May, SAP announced the creation of a new governance, risk and compliance (GRC) business unit that would develop new technology to help companies meet a growing list of requirements - particularly in the US, such as the Sarbanes Oxley Act (SOX), Food and Drug Administration (FDA) regulations for pharmaceutical companies, and Basel II regulations for the banking sector.

The first, GRC Repository, documents and maintains GRC information in a single central system, including corporate policies and regulations, and stores and links risk and control libraries to multiple control frameworks and international regulations. The centralisation of GRC information simplifies risk management, increases transparency and cuts costs associated with GRC initiatives, the company said.

SAP GRC Process Control is designed to automatically aggregate business process risks for the entire company, provide supporting evidence of compliance, and pinpoint control violations so that corrective action can be given a priority. The software integrates automated control monitoring for SAP and non-SAP applications.

And Risk Management provides an analysis of key business risks at multiple levels of the company, across different entities, business process and IT infrastructure. It is designed to help professional risk managers and company owners identify financial, legal and operational risks, analyse business opportunities and develop appropriate responses.

SAP will sell all three products separately. The repository and process control applications will ship at the end of November, with the risk management software product to follow in December.

At the same time, SAP announced a joint marketing agreement with Cisco for the GRC products.