NAVEX Case Studies Mobile Messaging Company Outgrows Manual Regulatory Compliance

Edit This Case Study Record

	Mobile Messaging Company Outgrows Manual Regulatory Compliance NAVEX

Mobile Messaging Company Outgrows Manual Regulatory Compliance

NAVEX

Technology Category	Application Infrastructure & Middleware - Data Exchange & Integration
Applicable Industries	Telecommunications
Applicable Functions	Business Operation
Use Cases	Regulatory Compliance Monitoring
Services	System Integration
Challenge	A mobile messaging company was in hyper-growth mode but needed to mature its compliance program to keep pace with a growing list of regulations and B2B customer demands. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company’s startup culture made things harder, because it thrived on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style. While that culture could thrive in a small startup environment with few compliance mandates, the company had become a subsidiary of a publicly traded company and counted four of the top 10 global brands as customers. Meeting even basic business requirements was becoming impossible to manage using manual processes like spreadsheets. Read More
About Customer	The customer is a major mobile messaging company that was in a hyper-growth phase. The company had become a subsidiary of a publicly traded company and had four of the top 10 global brands as its customers. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company's culture was based on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style, which was becoming increasingly difficult to manage as the company grew and the number of compliance mandates increased. Read More
Solution	The mobile messaging company selected NAVEX’s governance, risk management, compliance (GRC) platform, NAVEX IRM, for its capabilities in integrated risk management (IRM). NAVEX IRM enables organizations to gain a comprehensive view of their business and operations from a risk perspective— connecting individual risk disciplines and managing them in one centralized program. By using NAVEX IRM, the company’s CISO was able to assemble ISO/IEC 27001 controls, NIST SP 80053 controls and a custom NIST control family to form the company’s proprietary controls catalog. The company was also able to map controls to compliance mandates. The CISO accesses this feature when business requirements differ; for example, if one customer has a contract requirement while another customer requires the company to follow ISO, it’s all documented in NAVEX IRM. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Data Exchange & Integration

Applicable Industries

Telecommunications

Applicable Functions

Business Operation

Use Cases

Regulatory Compliance Monitoring

Services

System Integration

Challenge

A mobile messaging company was in hyper-growth mode but needed to mature its compliance program to keep pace with a growing list of regulations and B2B customer demands. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company’s startup culture made things harder, because it thrived on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style. While that culture could thrive in a small startup environment with few compliance mandates, the company had become a subsidiary of a publicly traded company and counted four of the top 10 global brands as customers. Meeting even basic business requirements was becoming impossible to manage using manual processes like spreadsheets.

About Customer

The customer is a major mobile messaging company that was in a hyper-growth phase. The company had become a subsidiary of a publicly traded company and had four of the top 10 global brands as its customers. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company's culture was based on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style, which was becoming increasingly difficult to manage as the company grew and the number of compliance mandates increased.

Solution

The mobile messaging company selected NAVEX’s governance, risk management, compliance (GRC) platform, NAVEX IRM, for its capabilities in integrated risk management (IRM). NAVEX IRM enables organizations to gain a comprehensive view of their business and operations from a risk perspective— connecting individual risk disciplines and managing them in one centralized program. By using NAVEX IRM, the company’s CISO was able to assemble ISO/IEC 27001 controls, NIST SP 80053 controls and a custom NIST control family to form the company’s proprietary controls catalog. The company was also able to map controls to compliance mandates. The CISO accesses this feature when business requirements differ; for example, if one customer has a contract requirement while another customer requires the company to follow ISO, it’s all documented in NAVEX IRM.

Impact #1	Managed requirements of 173 contracts, 254 compliance mandates, and 9,700 contract demands with one technology solution: NAVEX IRM
Impact #2	One stop for all things related to information security and compliance
Impact #3	Built credibility by mapping authority documents and regulation citations to controls

Impact #1

Managed requirements of 173 contracts, 254 compliance mandates, and 9,700 contract demands with one technology solution: NAVEX IRM

Impact #2

One stop for all things related to information security and compliance

Impact #3

Built credibility by mapping authority documents and regulation citations to controls

Benefit #1	Saved the time of 2 FT employees, using streamlined compliance processes and automation

Benefit #1

Saved the time of 2 FT employees, using streamlined compliance processes and automation

Download PDF Version

Overview

Mobile Messaging Company Outgrows Manual Regulatory Compliance

Operational Impact

Quantitative Benefit