Software AG > Case Studies > Re-Engineered Business Processes Improve Internal Control Auditing

Re-Engineered Business Processes Improve Internal Control Auditing

Software AG Logo
Customer Company Size
Large Corporate
Region
  • Europe
Country
  • Italy
Product
  • ARIS Architect
  • ARIS Publisher
  • ARIS Risk & Compliance Manager
Tech Stack
  • ARIS platform
  • ARIS workflow engine
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Productivity Improvements
  • Cost Savings
Technology Category
  • Application Infrastructure & Middleware - API Integration & Management
Applicable Industries
  • Finance & Insurance
Applicable Functions
  • Business Operation
  • Quality Assurance
Use Cases
  • Regulatory Compliance Monitoring
  • Process Control & Optimization
Services
  • System Integration
  • Software Design & Engineering Services
About The Customer
Poste Italiane (Italian Post Office) is among the largest postal operators in Europe and Italy’s leading operator of postal services. The company has evolved to meet the expanding needs of its customers, which include private citizens, companies and the government. As a result, Poste Italiane also operates as an express courier, a bank and an insurance company. Recently mobile communications services were added to Poste Italiane’s diverse product portfolio. The company operates across many lines of business, including postal, banking, insurance and financial services. As a result, this diverse enterprise is subject to many different laws and regulations. The company is also widespread with 154,000 employees in 14,000 offices and 16 subsidiaries.
The Challenge
Poste Italiane operates across many lines of business, including postal, banking, insurance and financial services. As a result, this diverse enterprise is subject to many different laws and regulations. The company is also widespread with 154,000 employees in 14,000 offices and 16 subsidiaries. This is why a traditional audit approach based on simple testing for each subsidiary or location simply wouldn’t work. As a diverse enterprise, Poste Italiane has to comply with a wide range of laws and regulations issued by the European Union, the Italian Parliament and other authorities. Because of these different regulations— combined with the company’s dispersed structure—Poste Italiane was unable to use a traditional audit procedure based on testing. Instead, Poste Italiane opted for an integrated and methodical approach focused on control design and system reliability.
The Solution
Poste Italiane took a process-driven approach to Governance, Risk & Compliance (GRC). First, the company evaluated its internal control system from an architectural point of view and then used it as a modeling system for business processes, risks and controls. Poste Italiane turned to ARIS to model internal control processes, share results with key stakeholders and test controls to assure compliance. IDS Scheer Consulting helped Poste Italiane adapt the platform to its unique methodology and systems. ARIS became the central repository for all audit compliance information. First, the company used ARIS Architect to describe process activities and model internal control processes. Then, risks and controls were mapped into the process structure. This way, Poste Italiane was able to identify control strengths and weaknesses. Poste Italiane then used ARIS Publisher to share the information with internal stakeholders. Testing via ARIS Risk & Compliance Manager helped measure the operating effectiveness of controls as well as to follow up with audit reports. Poste Italiane was able to combine all results into a single corporate view.
Operational Impact
  • Compliance now easier to prove, reducing risks
  • Efficient ramp-up
  • Stakeholders can easily share compliance information
  • Single corporate view of compliance
  • Redundant information systems eliminated
Quantitative Benefit
  • Audits conducted 20 percent faster
  • Testing takes 60 percent less time—staff gains more time for other value-added tasks

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.