IT compliance in a fast-moving software company

Dynamic organizational growth required a flexible compliance tool.

Implementing Impero has meant mapping and regulating internal processes in order to review, monitor and control our IT critical frameworks electronically, thereby ensuring a higher level of transparency, accuracy and compliance throughout our operations. A set of systematic rules allows us to update and perform selected workflows automatically, meaning that we’ve gone from paper-based, time-consuming work routines to having one integrated, common tool, centralizing and simplifying our monitoring and steering approach, and providing both internal and external auditors with easy, efficient and secure access to all evidence and controls.

Setting up strong and well-governed IT compliance frameworks in Impero

Running a successful software company means continuously improving your software to keep a competitive edge. However, with improvements follows inevitably the risk of introducing errors, and, thus, the need for a strong and well-governed IT compliance framework becomes essential. Developing state-of-the-art software for the insurance industry, this Impero customer is no exception to this statement. The company that delivers technology services within the insurance industry continuously improve its solution, and changes so that the solution always follow well-defined, monitored and compulsory control procedures. Consequently, Impero has introduced this company to a new and smarter way of working with overall IT compliance, controls and reviews, prompting roll-out of automated best practice IT critical frameworks. Currently, Impero’s risk and control management is supporting corporate entities located in the UK, Germany and Switzerland. Roll-out to additional countries is a natural next step.

Considerable savings and benefits

Having just recently implemented Impero might imply that the supplier of technology services within the insurance industry doesn’t yet have much knowledge of working with the system, nor of deriving tangible benefits from it. However, as the company insisted on a rather long testing phase to define as many internal processes up- front as possible, this company has actually worked with the system since early 2017, thus already having a clear and in-depth overview of many of the advantages offered.

“We’ve gone from purely paper-based working routines to electronic review and control processes in all IT critical frameworks, which means that we’ll save considerable resources due to lower time rates for execution. Also, overall error minimization as well as a higher level of transparency and compliance are factors and benefits that will ultimately contribute vastly to a smoother everyday life in IT operations”.

Increased transparency and integration

Challenge
  • Decentralized IT critical control frameworks with different control and review processes due to corporate entities spread around the globe
  • Manual, time-consuming internal reviewing processes, resulting in problematically high time rates for execution
Solution
  • One common compliance solution and tool, fully integrated and maintained centrally, enabling easy and efficient roll-out of internal controls and reviews
  • A global IT organization, providing one common repository for different controls as well as one centralized approach to all control frameworks
Result
  • Increased transparency, flexibility and compliance

  • Centralized steering approach, providing easy, efficient and secure access to all IT evidences and controls

  • Saved resources due to improved external auditing
“Ultimately, the goal is to save resources in order to stay as competitively alert and customer-centric as possible. Going forward – also considering the increased volume of mandatory and complex regulations – the hope is to automatize all controls and reviews as much as possible. Impero is a very good start.”

Simple, flexible and intuitive

With well-established internal processes and frameworks in place, the supplier of technology services within the insurance industry stands to gain even more considerable advantages within complex areas such as IT security, internal and external audits, as well as overall IT compliance. Already shortly after implementation, Impero has proven to be a vital tool to ensure important resource savings. And the intuitive and flexible structure of the system has already allowed the company to make changes easily and efficiently when both designing and reassigning controls. Using Impero, internal IT controls have been simplified and partly automatized, creating compliance and transparency.