The Client: World’s Largest Chemical Manufacturers

Overview

The global chemical manufacturing industry is faced with several challenges such as rising costs, and increased stakeholder demand for profitability and productivity. Meanwhile manufacturing processes are rapidly evolving to keep pace with globalization, diversification, and changing customer requirements. Through all these changes, chemical manufacturers have to ensure employee health and safety, and effectively manage risks such as air emissions, hazardous wastes, and supply chain risks. They also have to monitor compliance with various local and global regulations.

Over the years, the client has built robust programs and techniques to manage its compliance, audit, and risk requirements. However, with increasing risks and regulations - particularly in the context of a global scale of operations - the client realized the need for an integrated and more efficient way to manage its compliance, audit, and risk initiatives.

The client approached MetricStream, a market leader in Governance, Risk, and Compliance (GRC) and Quality Management solutions to implement a solution that would scale across the enterprise, integrating and streamlining the complete range of compliance, audit, and risk initiatives in a single framework. The solution was rolled out across multiple users in 100 locations across the globe. Using the solution, the client was able to facilitate a proactive, consistent, and cost-efficient approach to GRC which, in turn, helped strengthen business performance.

Download the Case Study

Solution

Faced with legacy systems that were unable to adapt to changing business requirements, the client chose to upgrade its technology. The organization wanted a solution that could integrate and strengthen enterprise-wide compliance, audit, and risk programs, and improve cost-efficiency.

MetricStream emerged as the partner of choice after demonstrating its ability to consolidate and unify all GRC processes, workflows, content, system, and entities on a single platform. MetricStream implemented a comprehensive GRC solution for the client, consisting of applications for compliance management, audit management, risk management, and issue management.

Compliance Management: The MetricStream compliance management application provides a common framework and an integrated approach to manage all the client’s compliance requirements, including statutory updates, labor laws, and manufacturing mandates. The solution helps the client define and maintain a centralized structure of the overall compliance and control hierarchy, including processes in scope, risks for the processes, controls to address the risks, and mechanisms to address the controls. It also supports control assessments based on predefined criteria and checklists, and has a mechanism for scoring, tabulating and reporting the results.

Centralized Library: The MetricStream solution provides a centralized information repository with all risk, control, and audit data. The tool strengthens visibility and collaboration across enterprise-wide risk and control management processes. It also enables risks and controls to be mapped to each other and to the business hierarchy in such a manner that workflows become highly systematic and efficient, while redundancies are eliminated. The repository comes with easy search and access capabilities, allowing managers to quickly provide documentation and evidence to validate that a specific compliance requirement is being met and that controls are in place to ensure on-going compliance. Robust and user-friendly capabilities for data uploads allow compliance plans and other GRC library objects to be uploaded quickly and efficiently.

Internal Audit Management: The MetricStream solution streamlines the complete internal audit lifecycle, and helps in conducting up to 150 ad hoc and annual audits at the client locations. The solution supports risk-based auditing through an advanced audit advisor, an audit proposal planner, and a risk scenario analysis tool which effectively leverage operational and risk metrics to provide critical intelligence for defining the audit strategy. Users gain advanced capabilities to efficiently allocate resources, manage dispersed audit teams, track the time spent on auditing, monitor budgets, and maintain auditor profiles. They can also track their upcoming scheduled audits through an intuitive calendar feature which automatically updates new tasks. Collaboration is encouraged through shared audit calendars and parallel review cycles, while audit productivity is enhanced through the tracking of each audit’s progress against predefined milestones.

Risk Management: The MetricStream risk management application provides a centralized risk framework to document and manage all the client’s risks. The solution supports risk assessments and computations based on configurable methodologies and algorithms. It also provides a clear view into the organization’s risk profile, enabling managers to prioritize their response strategies for optimal risk/reward outcomes. Advanced capabilities for rating risks, defining KRIs, tracking loss events, and analyzing “what-if” scenarios help risk managers proactively monitor and mitigate risks. In addition, graphical dashboards and risk heat maps provide enterprise wide visibility into the risk management process, and highlight issues that need to be addressed.

Issue Management: Issues that are identified through audits or compliance and risk monitoring are immediately flagged and routed through a systematic process of investigation and resolution. For instance, if the client hasn’t filed tax excise documents before a particular date, the system raises an issue, and prompts the respective personnel to investigate why it happened and what needs to be done to ensure that it doesn’t happen again. The solution accelerates issue recording, review, and approval cycles, and reduces repeat occurrence through consistent and closed-loop investigation and corrective action processes. It also strengthens collaboration and teamwork on issues across departments and functional areas. Automated alerts and notifications keep the process on track and help ensure that issues are resolved in a prompt and timely manner.

Reporting: The MetricStream solution provides tremendous reporting flexibility by enabling both ad-hoc and scheduled reporting. Two-dimensional reports help managers review each area of compliance, and determine if controls have been effectively tested. Quarterly and monthly trending analyses help users stay in constant touch with the ground reality and progress on their GRC management programs. Powerful dashboards with drill-down capabilities provide in-depth and real-time insights into compliance, audit and issue management processes across the enterprise, while automated alerts for events such as exceptions and failures eliminate any surprises and make the process predictable.

Challenges

Inconvenient manual processes: The client used papers, spreadsheets, and email based processes to monitor compliance, manage audits, and prepare reports. Users would receive reams of compliance, audit, or risk data from the unit heads, which then had to be manually assembled and sent to the Management. These intensive manual processes consumed a lot of time, resources and productivity, and were prone to errors.

Process Redundancies: With manufacturing and business units spread out across multiple locations, the client managed its compliance, audit, and risk processes in independent initiatives.  Limited integration and collaboration across these initiatives led to efforts being duplicated across the enterprise.

Insufficient Visibility: Given the size of the organization and complexity of the business, the client found it increasingly difficult to monitor its compliance, audit, and risk initiatives. For instance, the status of sales tax management was hard to track at the enterprise level because tax requirements varied from one region to the next, and were managed in separate initiatives.

Multiple Compliance Requirements: The client had to ensure compliance with 500-600 statutory updates, and labor and manufacturing laws. Tracking changes and updates to these mandates was hard enough. But monitoring compliance with them at different levels of the enterprise was even harder.

High Costs: At a time when manufacturing companies are being asked to do more with less, the client was striving to identify areas where it could cut costs, save resources, and optimize investments.

Why the Company Selected MetricStream?

A Truly Integrated GRC Platform
MetricStream provides a flexible and scalable platform that stretches across the enterprise, integrating and synchronizing multiple compliance, audit, and risk initiatives for better control, efficiency, and productivity.

A Unique Blend of Content and Technology
MetricStream solutions combine leading edge IT capabilities with valuable content such as industry specific best practices to strengthen GRC processes. They also provide access to compliance training programs from world-class experts.

High Degree of Configurability
While MetricStream solutions provide sophisticated out-of-the-box functionalities, they can also be configured to each organization’s unique needs. For instance, at the client’s organization, the solution was configured to create a task reassignment application which enables audit and control monitoring tasks to efficiently be redistributed to other employees when one employee is absent.

Extensibility
The MetricStream solution can be seamlessly extended to incorporate multiple other GRC applications or be upgraded to newer versions. It can also be deployed across multiple global locations while still consolidating and integrating processes at the enterprise level.

Seamless Integration with Enterprise Systems
The MetricStream GRC platformcontains unique Infolets or adaptors that integrate with multiple external systems to extract relevant data and load it in the MetricStream database and API tables. Customers have realized tremendous cost and efficiency benefits by automating the interactions between MetricStream solutions and the information systems that they have already invested in.

Benefits

  • Harmonized and Systematic GRC Processes:
    The MetricStream solution integrates and streamlines the complete range of compliance, control monitoring, audit, and risk management processes in a centralized framework. Process deviations, inconsistencies, and redundancies are thus eliminated.
  • Higher Efficiency and Cost Savings:
    The MetricStream solution automates critical processes, enabling the client to save costs, and divert valuable IT and business resources to the core business.
  • Increased Collaboration and Accountability:
    Using the solution, users across the organization can seamlessly coordinate enterprise-wide compliance, audit, and risk management processes, and share information more effectively. Process owners can take direct responsibility for managing controls, while auditors can focus on key risks and project oversight.
  • Greater Transparency and Visibility:
    The system collates relevant compliance, audit, and risk data from across the enterprise, and rolls it up to the corporate level to provide real-time insights. Powerful dashboards, risk heat maps, and reports empower the Management to make quicker and more informed decisions, and respond proactively to issues that arise.

Request a demo Download RFP Template Pricing Contact