Case Study

Energy Major Resolves Risk and Compliance Issues 30% Faster With MetricStream

At one of North America’s largest utilities, safety comes first. The company is laser-focused on protecting its electric grid and gas operations—and by extension, its communities and millions of customers—against the risks of wildfires, severe weather events, cyber-attacks, and more. Its objective is to deliver cleaner energy in a safe and reliable manner, while building confidence with consumers, regulators, and the board through strong corporate governance practices.

Since 2016, MetricStream has been helping the company meet these critical strategic and operational goals. With MetricStream Risk and Compliance Management products, the company is strengthening safety through better risk and control management, while also resolving compliance issues with greater speed and transparency. As its compliance posture has improved, so also has its reputation. Customers know that they can trust the company to protect their safety, and act with integrity.

Leaving Legacy Systems Behind

Before MetricStream, the company relied on home-grown compliance management tools that didn’t provide sufficient visibility into compliance-related risks and controls. Most compliance activities were manual, siloed, and time-consuming.

In addition, the company lacked a common risk and compliance taxonomy. This led to inconsistencies in how compliance issues and findings were reported. Many issues and controls ended up being duplicated across the company.

To top things off, teams didn’t have a centralized database of processes, risks, controls, and issues to understand the full impact of a compliance requirement or risk.

MetricStream helped the customer resolve these issues by replacing legacy systems with MetricStream’s integrated risk and compliance solution. The company now has a complete picture of its risk and compliance posture. Risk and control management processes have been streamlined and automated with a common taxonomy for optimal efficiency and single source of truth.

These shifts are enabling the company to strengthen compliance with safety requirements, while also improving accountability and governance.

Elevating Risk and Control Management With a Single Source of Truth

MetricStream has helped the company unify risks, controls, processes, compliance findings, surveys, issues, policies, and more on a single platform. Through this integrated data model, users can better understand how a potential compliance issue or risk could impact the business. Accordingly, they can take steps to mitigate the risk, close gaps, and boost compliance.

The solution is currently used by 1,800 employees across eight business groups ranging from HR and Customer Care, to Safety, Health, and Legal.


  • Need to improve safety against wildfires, storms, and other risks
  • Limited visibility into risks and controls
  • Time-consuming compliance management processes
  • No common compliance taxonomy or single source of truth

Business Value Realized

  • A safer, more reliable, and compliant business environment
  • Smarter decision-making with a real-time view of risks and compliance
  • Improved efficiency with streamlined and automated compliance processes
  • Better consistency in risk reporting through a common taxonomy and data model
  • Stronger reputation and consumer confidence through demonstratable compliance with safety regulations

Accelerating Compliance Assessments and Surveys Through Streamlined Workflows

With MetricStream, the company can design and conduct multiple compliance assessments and control tests. The solution standardizes and automates compliance workflows across business units, enabling data to be collected and consolidated faster than ever.

The solution also streamlines survey management for HR and policy awareness, legal attestations, and more. Users can create and distribute surveys to numerous respondents, automate the collation of responses, analyze the data, and correlate it with past findings to ensure that employees are indeed complying with the required policies and laws.

Resolving Compliance Issues Faster

MetricStream enables the company to swiftly identify, manage, and remediate all compliance issues. Issue management workflows, notifications, and reporting processes are automated to save time. Users can also track the status of issue remediation and action plans in real time. All this has helped the company resolve compliance issues 30% faster.

Managing Policies With Ease

Company policies are stored on a centralized portal in MetricStream where they can be securely and intuitively accessed from anywhere in the enterprise. Automated policy management workflows reduce the time taken to create, update, and refresh policies. Email notifications alert employees to new policies, while systematic attestation processes enable them to provide assurance around compliance.

Strengthening Decision-Making With Real-Time Visibility Into Risk and Compliance

Through MetricStream, the company has created a common risk and compliance taxonomy across the enterprise. Everyone now communicates and reports risk and control data in a consistent manner

Compliance findings are automatically consolidated and rolled up to the leadership team and board where they can be sliced and diced to uncover trends and opportunities. Intuitive dashboards and analytics provide a complete and real-time view of risk and compliance, enabling leaders to make faster and smarter decisions.

With MetricStream, the company has reduced the time taken for compliance reviews and reporting by 30%.

Accelerating Implementation Through a Systematic and Collaborative Approach

The success of the MetricStream implementation stemmed from exceptional teamwork. The company collaborated closely with MetricStream to conduct multiple workshops for power users to strengthen MetricStream solution adoption, and proactively resolve their concerns. Hands-on sessions with compliance program leaders helped ensure that the solution was configured to best support the company’s compliance processes.

MetricStream’s GRC libraries and GRC Journey sessions helped the company establish a strong GRC foundation. Meanwhile, MetricStream’s bundle pack proposal with sustained engineering services and change management support enabled the company to save implementation costs.

Looking Ahead

Today, the company is expanding the scope of their compliance surveys and controls, while also onboarding more users onto MetricStream. Compliance teams are also looking to automate how they manage regulatory engagements, including examinations, meetings, and requests for information. This will help them improve compliance efficiency further, and build greater credibility with customers and regulators.


Ready to get started?

Speak to our experts Let’s talk