Hi Nicolas
Good to hear you have the decision
For risk analysis - you need to decide if there are major business risks or if you can identify them through SAP BW authorisations. If not, you could at least maintain critical roles for SAP BW shell roles where you have provided administration access, etc in BObj
Still, it'd be good to see what connectors/syncs SAP can provide for non-ABAP based systems. Possibly @Prasant_Paichha comment about GRC 10.1 with HANA will also provide solution for Business Objects.
Regards
Colleen