Software AG Case Studies Re-Engineered Business Processes Improve Internal Control Auditing

Edit This Case Study Record

	Re-Engineered Business Processes Improve Internal Control Auditing Software AG

Re-Engineered Business Processes Improve Internal Control Auditing

Software AG

Technology Category	Application Infrastructure & Middleware - API Integration & Management
Applicable Industries	Finance & Insurance
Applicable Functions	Business Operation Quality Assurance
Use Cases	Regulatory Compliance Monitoring Process Control & Optimization
Services	System Integration Software Design & Engineering Services
Challenge	Poste Italiane operates across many lines of business, including postal, banking, insurance and financial services. As a result, this diverse enterprise is subject to many different laws and regulations. The company is also widespread with 154,000 employees in 14,000 offices and 16 subsidiaries. This is why a traditional audit approach based on simple testing for each subsidiary or location simply wouldn’t work. As a diverse enterprise, Poste Italiane has to comply with a wide range of laws and regulations issued by the European Union, the Italian Parliament and other authorities. Because of these different regulations— combined with the company’s dispersed structure—Poste Italiane was unable to use a traditional audit procedure based on testing. Instead, Poste Italiane opted for an integrated and methodical approach focused on control design and system reliability. Read More
About Customer	Poste Italiane (Italian Post Office) is among the largest postal operators in Europe and Italy’s leading operator of postal services. The company has evolved to meet the expanding needs of its customers, which include private citizens, companies and the government. As a result, Poste Italiane also operates as an express courier, a bank and an insurance company. Recently mobile communications services were added to Poste Italiane’s diverse product portfolio. The company operates across many lines of business, including postal, banking, insurance and financial services. As a result, this diverse enterprise is subject to many different laws and regulations. The company is also widespread with 154,000 employees in 14,000 offices and 16 subsidiaries. Read More
Solution	Poste Italiane took a process-driven approach to Governance, Risk & Compliance (GRC). First, the company evaluated its internal control system from an architectural point of view and then used it as a modeling system for business processes, risks and controls. Poste Italiane turned to ARIS to model internal control processes, share results with key stakeholders and test controls to assure compliance. IDS Scheer Consulting helped Poste Italiane adapt the platform to its unique methodology and systems. ARIS became the central repository for all audit compliance information. First, the company used ARIS Architect to describe process activities and model internal control processes. Then, risks and controls were mapped into the process structure. This way, Poste Italiane was able to identify control strengths and weaknesses. Poste Italiane then used ARIS Publisher to share the information with internal stakeholders. Testing via ARIS Risk & Compliance Manager helped measure the operating effectiveness of controls as well as to follow up with audit reports. Poste Italiane was able to combine all results into a single corporate view. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - API Integration & Management

Applicable Industries

Finance & Insurance

Applicable Functions

Business Operation

Quality Assurance

Use Cases

Regulatory Compliance Monitoring

Process Control & Optimization

Services

System Integration

Software Design & Engineering Services

Challenge

Poste Italiane operates across many lines of business, including postal, banking, insurance and financial services. As a result, this diverse enterprise is subject to many different laws and regulations. The company is also widespread with 154,000 employees in 14,000 offices and 16 subsidiaries. This is why a traditional audit approach based on simple testing for each subsidiary or location simply wouldn’t work. As a diverse enterprise, Poste Italiane has to comply with a wide range of laws and regulations issued by the European Union, the Italian Parliament and other authorities. Because of these different regulations— combined with the company’s dispersed structure—Poste Italiane was unable to use a traditional audit procedure based on testing. Instead, Poste Italiane opted for an integrated and methodical approach focused on control design and system reliability.

About Customer

Poste Italiane (Italian Post Office) is among the largest postal operators in Europe and Italy’s leading operator of postal services. The company has evolved to meet the expanding needs of its customers, which include private citizens, companies and the government. As a result, Poste Italiane also operates as an express courier, a bank and an insurance company. Recently mobile communications services were added to Poste Italiane’s diverse product portfolio. The company operates across many lines of business, including postal, banking, insurance and financial services. As a result, this diverse enterprise is subject to many different laws and regulations. The company is also widespread with 154,000 employees in 14,000 offices and 16 subsidiaries.

Solution

Poste Italiane took a process-driven approach to Governance, Risk & Compliance (GRC). First, the company evaluated its internal control system from an architectural point of view and then used it as a modeling system for business processes, risks and controls. Poste Italiane turned to ARIS to model internal control processes, share results with key stakeholders and test controls to assure compliance. IDS Scheer Consulting helped Poste Italiane adapt the platform to its unique methodology and systems. ARIS became the central repository for all audit compliance information. First, the company used ARIS Architect to describe process activities and model internal control processes. Then, risks and controls were mapped into the process structure. This way, Poste Italiane was able to identify control strengths and weaknesses. Poste Italiane then used ARIS Publisher to share the information with internal stakeholders. Testing via ARIS Risk & Compliance Manager helped measure the operating effectiveness of controls as well as to follow up with audit reports. Poste Italiane was able to combine all results into a single corporate view.

Impact #1	Compliance now easier to prove, reducing risks
Impact #2	Efficient ramp-up
Impact #3	Stakeholders can easily share compliance information

Impact #1

Compliance now easier to prove, reducing risks

Impact #2

Efficient ramp-up

Impact #3

Stakeholders can easily share compliance information

Benefit #1	Audits conducted 20 percent faster
Benefit #2	Testing takes 60 percent less time—staff gains more time for other value-added tasks

Benefit #1

Audits conducted 20 percent faster

Benefit #2

Testing takes 60 percent less time—staff gains more time for other value-added tasks

Download PDF Version

Overview

Re-Engineered Business Processes Improve Internal Control Auditing

Operational Impact

Quantitative Benefit