Software AG Case Studies Achieving Sustainable SOX Compliance at Vipnet

Edit This Case Study Record

	Achieving Sustainable SOX Compliance at Vipnet Software AG

Achieving Sustainable SOX Compliance at Vipnet

Software AG

Technology Category	Application Infrastructure & Middleware - API Integration & Management
Applicable Industries	Telecommunications
Applicable Functions	Business Operation
Use Cases	Regulatory Compliance Monitoring Process Control & Optimization
Services	System Integration Software Design & Engineering Services
Challenge	Vipnet, a leading GSM operator in Croatia, was required to comply with the Sarbanes-Oxley Act (SOX) as part of the Mobilkom Austria group. The compliance required making business processes transparent and proving the efficiency of its internal control system. However, the company faced several challenges. Controls weren't specifically defined and couldn't be mapped as part of a process flow, leading to insufficient process mapping. Additionally, controls weren't tested. The company needed a financially oriented approach to process management to become SOX compliant. Read More
About Customer	Vipnet is a leading Global System for Mobile Communications (GSM) operator in Croatia. Within a year of its establishment, the company became the leading GSM operator in the country. Vipnet is known for its progressive network expansion and continuous investments in development. The company attributes its success to a high level of international knowledge and experience in mobile communications and the enthusiasm of its partners. Vipnet is owned by Mobilkom Austria AG and is one of the most successful companies in Croatia. Read More
Solution	Vipnet used process management as a starting point and ARIS Audit Manager as the tool to support SOX implementation. The company organized the compliance project with strong support from top management. The greatest focus was needed in the areas of finance and support for Control Objectives for Information and related Technology (COBIT) requirements. Vipnet established an additional process view—the so-called SOX or MCOT view. Risks were detected and mitigated using appropriate controls. Control effectiveness needed to be proven by explicitly defined testing. Vipnet used ARIS Risk & Compliance Manager to support employees with this challenging task by planning, triggering, and tracking tests of Vipnet’s installed controls. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - API Integration & Management

Applicable Industries

Telecommunications

Applicable Functions

Business Operation

Use Cases

Regulatory Compliance Monitoring

Process Control & Optimization

Services

System Integration

Software Design & Engineering Services

Challenge

Vipnet, a leading GSM operator in Croatia, was required to comply with the Sarbanes-Oxley Act (SOX) as part of the Mobilkom Austria group. The compliance required making business processes transparent and proving the efficiency of its internal control system. However, the company faced several challenges. Controls weren't specifically defined and couldn't be mapped as part of a process flow, leading to insufficient process mapping. Additionally, controls weren't tested. The company needed a financially oriented approach to process management to become SOX compliant.

About Customer

Vipnet is a leading Global System for Mobile Communications (GSM) operator in Croatia. Within a year of its establishment, the company became the leading GSM operator in the country. Vipnet is known for its progressive network expansion and continuous investments in development. The company attributes its success to a high level of international knowledge and experience in mobile communications and the enthusiasm of its partners. Vipnet is owned by Mobilkom Austria AG and is one of the most successful companies in Croatia.

Solution

Vipnet used process management as a starting point and ARIS Audit Manager as the tool to support SOX implementation. The company organized the compliance project with strong support from top management. The greatest focus was needed in the areas of finance and support for Control Objectives for Information and related Technology (COBIT) requirements. Vipnet established an additional process view—the so-called SOX or MCOT view. Risks were detected and mitigated using appropriate controls. Control effectiveness needed to be proven by explicitly defined testing. Vipnet used ARIS Risk & Compliance Manager to support employees with this challenging task by planning, triggering, and tracking tests of Vipnet’s installed controls.

Impact #1	Internal control of financial reporting now in place through processes, controls and by testing plans and results in a consistent database.
Impact #2	Dependable and effective internal control system.
Impact #3	Improved documentation quality.

Impact #1

Internal control of financial reporting now in place through processes, controls and by testing plans and results in a consistent database.

Impact #2

Dependable and effective internal control system.

Impact #3

Improved documentation quality.

Benefit #1	Significant decrease in financial risks.
Benefit #2	Lower maintenance costs and improvement of the processes, risk and controls.
Benefit #3	Increased quality assurance through IT supported control testing workflows.

Benefit #1

Significant decrease in financial risks.

Benefit #2

Lower maintenance costs and improvement of the processes, risk and controls.

Benefit #3

Increased quality assurance through IT supported control testing workflows.

Download PDF Version

Overview

Achieving Sustainable SOX Compliance at Vipnet

Operational Impact

Quantitative Benefit