Before MetricStream, the company relied on home-grown compliance management tools that didn’t provide sufficient visibility into compliance-related risks and controls. Most compliance activities were manual, siloed, and time-consuming.
In addition, the company lacked a common risk and compliance taxonomy. This led to inconsistencies in how compliance issues and findings were reported. Many issues and controls ended up being duplicated across the company.
To top things off, teams didn’t have a centralized database of processes, risks, controls, and issues to understand the full impact of a compliance requirement or risk.
MetricStream helped the customer resolve these issues by replacing legacy systems with MetricStream’s integrated compliance solution. The company now has a complete picture of its compliance posture. Risk and control management processes have been streamlined and automated for optimal efficiency. Plus, a common compliance taxonomy has been implemented across the business.
These shifts are enabling the company to strengthen compliance with safety requirements, while also improving accountability and governance.
MetricStream has helped the company unify risks, controls, processes, compliance findings, surveys, issues, policies, and more on a single platform. Through this integrated data model, users can better understand how a potential compliance issue or risk could impact the business. Accordingly, they can take steps to mitigate the risk, close gaps, and boost compliance.
The solution is currently used by 1,800 employees across eight business groups ranging from HR and Customer Care, to Safety, Health, and Legal.
A safer, more reliable, and
compliant business environment
Smarter decision-making with
a real-time view of risks and compliance
Improved efficiency with streamlined and automated compliance processes
Better consistency in risk reporting through a common taxonomy and data model
Stronger reputation and consumer confidence through
demonstratable compliance with safety regulations
With MetricStream, the company can design and conduct multiple compliance assessments and control tests. The solution standardizes and automates compliance workflows across business units, enabling data to be collected and consolidated faster than ever.
The solution also streamlines survey management for HR and policy awareness, legal attestations, and more. Users can create and distribute surveys to numerous respondents, automate the collation of responses, analyze the data, and correlate it with past findings to ensure that employees are indeed complying with the required policies and laws.
MetricStream enables the company to swiftly identify, manage, and remediate all compliance issues. Issue management workflows, notifications, and reporting processes are automated to save time. Users can also track the status of issue remediation and action plans in real time. All this has helped the company resolve compliance issues 30% faster.
Company policies are stored on a centralized portal in MetricStream where they can be securely and intuitively accessed from anywhere in the enterprise. Automated policy management workflows reduce the time taken to create, update, and refresh policies. Email notifications alert employees to new policies, while systematic attestation processes enable them to provide assurance around compliance.
Through MetricStream, the company has created a common risk and compliance taxonomy across the enterprise. Everyone now communicates and reports risk and control data in a consistent manner.
Compliance findings are automatically consolidated and rolled up to the leadership team and board where they can be sliced and diced to uncover trends and opportunities. Intuitive dashboards and analytics provide a complete and real-time view of compliance, enabling leaders to make faster and smarter decisions.
With MetricStream, the company has reduced the time taken for compliance reviews and reporting by 30%.
The success of the MetricStream implementation stemmed from exceptional teamwork. The company collaborated closely with MetricStream to conduct multiple workshops for power users to strengthen MetricStream solution adoption, and proactively resolve their concerns. Hands-on sessions with compliance program leaders helped ensure that the solution was configured to best support the company’s compliance processes.
MetricStream’s GRC libraries and GRC Journey sessions helped the company establish a strong GRC foundation. Meanwhile, MetricStream’s bundle pack proposal with sustained engineering services and change management support enabled the company to save implementation costs.
Today, the company is expanding the scope of their compliance surveys and controls, while also onboarding more users onto MetricStream. Compliance teams are also looking to automate how they manage regulatory engagements, including examinations, meetings, and requests for information. This will help them improve compliance efficiency further, and build greater credibility with customers and regulators.