CASE STUDIES

Governance, Risk & Compliance Management
in a technology service company
About the implementation

The client struggled with multiple compliance requirements and thus needed a consolidated business framework.
Serity mapped and implemented GRC procedures to address audit automation and Protection Need Analysis. Manual management issues were streamlined to ensure accurate compliance targets were met.

Business challenges

  • Ineffective visibility and end-user experience.
  • Manual evidence collection issues.
  • Heightened risk of misleading information.
  • Tracking difficulties due to lack of transparency.
  • High resource usage for manual work.

Project approach

Working closely with the customer’s GRC and ServiceNow platform team, we were able to deliver the following:

  • Using OOTB functionality, we were able to create an application tailored to the customer.
  • Setup of a Data Protection Impact Assessment.
  • Setup of Protection Need Analysis.
  • Creation of dependencies and inheritances between Business
    Processes and Information Objects (for Protection Need Analysis).
  • A real-time overview for management of risk exposure and impact.

Project Success

  • Fulfilling business requirements with Protection Need Analysis.
  • Full compliance with audit requirements (BSI).
  • Increased maintenance via ServiceNow.
  • Enhanced end-user experience.
  • Intricate web of pin-pointed protection.