By using this site you agree to our use of cookies. Please refer to our privacy policy for more information.Close

The Client:The client, a leading American bank headquartered in New Jersey, offers banking, trust, and investment services.


The bank had hundreds of risk assessments to conduct every quarter, and needed a way to aggregate all the risk data to support decision-making. MetricStream’s Cloud-based ERM App enabled them to enhance risk visibility, simplify and accelerate risk assessments and scoring, and systematically remediate any issues.

Download a Case Study


Among the several solution providers evaluated by the bank, MetricStream was the only company to offer a fully integrated, scalable Enterprise Risk Management (ERM) App with powerful risk assessment and reporting functionalities that successfully addressed their requirements.

MetricStream also demonstrated a strong track record in the financial services industry – their Apps and Solutions are used by some of the largest and most well-known institutions across countries. Moreover, MetricStream offered the flexibility of a cloud-based deployment on the private and highly secure MetricStream GRC Cloud.

All these factors led to the bank choosing MetricStream to provide a robust ERM App.

Since the App was implemented, the bank has been able to assess, measure, and monitor risks across the enterprise in a highly streamlined and automated manner. The App cuts across siloes, capturing risks, controls, and issues in a centralized system. It also offers management a 360-degree, real-time view of enterprise risks through powerful dashboards and reports.

Below are the key capabilities of the App:

Risk Identification

The MetricStream App enables the bank to document a range of enterprise risks, along with associated details such as the risk description, category, hierarchy, and validity. The App also helps define and standardize methodologies for risk rating and scoring, along with KRIs and risk thresholds. A centralized risk library maintains a tightly mapped hierarchy of risks, objectives, controls, processes, and other data elements, thereby delivering greater context and transparency to the risk framework.

Risk Assessment, Scoring, and Analysis

The ERM App provides a single point of reference for the bank to conduct, manage, and track risk assessments across the enterprise. The App streamlines the entire process of planning, scheduling, performing, and reviewing risk assessments. This approach has helped the bank minimize redundancies, and improve efficiency.

The App facilitates quantitative, qualitative, and multi-dimensional risk assessments, enabling users to measure risks from different perspectives. Users can also specify each risk as a threat or opportunity, thereby creating a more targeted and relevant response.

A risk matrix provides a clear visual depiction of each risk’s impact, likelihood, frequency, and velocity. Based on this data, multi-dimensional heat maps are generated, enabling the bank to easily identify high risk areas, and prioritize their response strategies.

Once a risk assessment is completed, the App routes the findings and results for reviews and approvals. Issues and exceptions become part of the risk mitigation process.

Control Assessments

Using the App, the bank can easily assess the effectiveness of controls from both a design and operational perspective though control tests, surveys, and certifications. All findings are stored in a central repository, enabling users to easily track the control evaluation status and results, and define corrective action wherever required.

Risk Monitoring and Reporting

The MetricStream App provides powerful reporting tools that automatically consolidate risk and control assessment findings into pre-defined reporting templates. Graphical executive dashboards provide a comprehensive, real-time view of risks across the enterprise. Advanced analytics enable stakeholders to slice and dice the risk data from multiple perspectives, identify trends, and derive risk intelligence to strengthen decision-making.

The App also supports continuous KRI monitoring, and provides automated alerts when thresholds are about to be breached.

Issue Management

Any issues identified in the risk assessment process are routed by the MetricStream App through a structured and systematic process of investigation, root cause analysis, and remediation. Action plans to address each issue are clearly defined and tracked to closure through the App. Automated alerts keep the process on track, and help ensure that each issue is resolved in a timely manner.


In line with various regulatory requirements, the bank strove to regularly assess, track, and monitor risks across the enterprise. However, there were hundreds of risk assessments to conduct every quarter, which made things quite challenging.

Compounding the issue, most risk assessments were performed manually -- the risk team would circulate multiple spreadsheets via email, collect risk assessment findings from each business unit, and then painstakingly aggregate the data into reports.

The whole process was time-consuming and exhausting. Moreover, because the risk assessments were conducted in siloes, it became difficult to aggregate and roll up risk data, and provide management with a timely, holistic view of risk issues and trends. Without this data, management couldn’t make informed business decisions.

The bank therefore needed a tool that would help them improve risk reporting and visibility, while also enabling risk assessments to be conducted in a quicker, simpler, and more efficient manner.


  • Quicker, More Efficient Risk Assessments
    The MetricStream App has streamlined and automated risk assessments across the enterprise, minimizing errors and redundancies, while saving time and effort. Instead of struggling with manual data collection and reporting, users are now free to focus on more important tasks such as risk analysis.
  • One System for Multiple Risk Assessments
    The MetricStream App provides a single, scalable environment to manage hundreds of risk assessments across multiple business units and office locations. No more do users have to deal with multiple spreadsheets and emails. All the data is located in one place for easy tracking and management.
  • Greater Risk Visibility, More Informed Business Decisions
    Tightly mapped risk and control hierarchies, coupled with powerful risk reports, dashboards, and analytics give the bank comprehensive, real-time visibility into risks across the enterprise, enabling them to proactively identify areas of concern and opportunity, and make better decisions.
  • Improved Compliance with Regulations
    By strengthening risk assessments, and providing a holistic and timely view of enterprise risks, the MetricStream App enables the bank to keep their risks well in control, thereby enhancing compliance with multiple financial regulations.
  • Fast Deployment, High-Level Security
    The MetricStream ERM App was deployed over the MetricStream GRC Cloud, enabling the bank to accelerate time-to-value. The Cloud-based implementation also provided the benefits of high availability and top-notch security with role-based access controls.

Request a demo Download RFP Template Pricing Contact