My first experience with Oracle GRC was in 2008 during an Oracle E-Business Suite upgrade wherein I got an opportunity to install and configure Oracle GRC module AACG (Applications Access Controls Governer) ver 8.5. to integrate with Oracle EBS 18.104.22.168
Then, it was a newly acquired product from LogicalApps. Though a bit complex in terms of integration with EBS where in it requires expertise in areas of Oracle Applications Database Administration, Functional setups and SQL PL/SQL programming
If properly implemented, I believe Oracle GRC is a high ROI in the long run.
Few of its benefits are:
1) Saving considerable time and resources during Audit with all the required reports for Auditors.
2) Granular approach on Segregation of Duties (SOD)
3) Helps your organization achieving total SOX compliance.
4) A comprehensive GRC BI Suite
5) Oracle GRC provides the options for Controls at various levels of Enterprise Data Access.
This can be implemented through following modules:
a) Transactions Controls Governor (TCG)
b) Configuration Controls Governor (CCG)
c) Preventive Controls Governor (PCG)
d) Applications Access Controls Governor (AACG)