How a Fortune 500 Manufacturer Modernized Audit & Compliance
“Our audit and compliance processes are out of the Victorian Era!” That’s how the project lead at a multinational manufacturing company described the methods they were using to manage their annual IT General Control (ITGC) audit.
The massive undertaking included a combination of email, word documents and excel spreadsheets to collect evidence, test controls, and provide reports to management, regulators, auditors, and other stakeholders. The process included thousands of hours of administrative overhead, staff was burning out, and the process was so complex that nobody had any real visibility or confidence in the effectiveness of their controls.
They recognized that they needed a solution to streamline the audit process, create one central repository for all their IT controls, and provide greater oversight to ensure compliance. They also had a broader vision to leverage ServiceNow to support a more extensive integrated risk management program in the future.
Iceberg’s team worked closely with the customer’s team to develop requirements, map roles and processes, design a solution, and configure and test ServiceNow. We used the company’s existing ServiceNow deployment as a foundation, and leveraged out-of-box GRC functionality wherever possible for the implementation. By implementing ServiceNow for their IT audit and compliance activities, the organization will now be able to reduce the length of the ITGC audit by half, thanks to a reduction of manual work and streamlining activities. This solution will be deployed initially at two facilities, where they expect to free up the equivalent of at least one FTE, representing a savings of at least $100,000 per year.