The Client: Reputed Financial Services Provider


The client is deeply committed to maintaining a culture of integrity, accountability, and transparency across the enterprise. To that end, they invest considerable time and effort in maintaining consistent compliance with SOX requirements, assessing risks, and auditing internal controls.

Yet with multiple different business segments and offices spread across the east and west coast of the U.S., the client found it increasingly challenging to manage the growing demands of SOX and internal auditing. One of their biggest roadblocks was the lack of a cohesive structure to integrate and enable greater collaboration across key processes such as risk assessments and internal audit planning. In addition, the company’s audit team was keen to gain greater oversight of SOX compliance and internal auditing - and as a result, they chose to upgrade their compliance and audit systems.

After considering several solution providers, the client settled on MetricStream based on their extensive success in providing cutting-edge, flexible GRC solutions to top financial services providers. MetricStream enabled the client to strengthen SOX compliance and internal audit processes, and integrate them in a common framework for greater efficiency and transparency - all this, quickly and cost-effectively due to MetricStream’s cloud offering.

Download a Case Study


Before implementing MetricStream’s solution, the company faced a number of challenges:

  • Lack of sufficient information sharing on risk and controls across departments and business segments
  • High costs of managing control tests, internal audits, documentation, and reporting
  • Substantial time and effort required to manually create audit checklists
  • Limited visibility to track the status and progress of SOX compliance, internal audits, and the issues that arose in these processes
  • Complexity of accurately mapping each risk to the relevant processes, controls, control tests, and other GRC objects


  • Breakdown of silos:
    The MetricStream solution is built on a scalable GRC platform that extends across departments, business segments, and locations, unifying over 200 users in one framework. These users are able to easily coordinate SOX compliance and internal audit activities, share information, and work together towards meeting regulatory requirements, and lowering the organization’s risk exposure.
  • More streamlined and efficient audit planning:
    By integrating risk assessments and internal audit planning, the MetricStream solution has helped the client simplify audit forecasting, prioritize audit tasks more effectively, and distribute audit resources and costs more efficiently.
  • Greater top-level visibility:
    The MetricStream solution enhances oversight of SOX compliance and internal audit processes across the enterprise through real-time dashboards and reports. It also establishes clear relationships between risks, controls, tests, auditable entities, and other GRC objects, enabling the client to proactively identify gaps and loopholes, and facilitate accountability for risk-control processes.
  • Lowered costs:
    Using the MetricStream solution, the client has been able to minimize redundancies and duplicate effort, and automate various workflows, thereby saving time, and resources. The cost of maintaining and running the MetricStream solution has proved to be less than that of the client’s legacy systems. Further cost benefits have been realized by deploying the solution over the MetricStream Cloud - a state-of-the-art virtualization and private cloud technology that offers excellent reliability, security, and flexibility.

Contact Chat Request a demo Download RFP Template