Mobile Messaging Company Outgrows Manual Regulatory Compliance
公司规模
Large Corporate
地区
- America
国家
- United States
产品
- NAVEX IRM
技术栈
- Integrated Risk Management
实施规模
- Enterprise-wide Deployment
影响指标
- Productivity Improvements
- Digital Expertise
技术
- 应用基础设施与中间件 - 数据交换与集成
适用行业
- 电信
适用功能
- 商业运营
用例
- 监管合规监控
服务
- 系统集成
关于客户
The customer is a major mobile messaging company that was in a hyper-growth phase. The company had become a subsidiary of a publicly traded company and had four of the top 10 global brands as its customers. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company's culture was based on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style, which was becoming increasingly difficult to manage as the company grew and the number of compliance mandates increased.
挑战
A mobile messaging company was in hyper-growth mode but needed to mature its compliance program to keep pace with a growing list of regulations and B2B customer demands. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company’s startup culture made things harder, because it thrived on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style. While that culture could thrive in a small startup environment with few compliance mandates, the company had become a subsidiary of a publicly traded company and counted four of the top 10 global brands as customers. Meeting even basic business requirements was becoming impossible to manage using manual processes like spreadsheets.
解决方案
The mobile messaging company selected NAVEX’s governance, risk management, compliance (GRC) platform, NAVEX IRM, for its capabilities in integrated risk management (IRM). NAVEX IRM enables organizations to gain a comprehensive view of their business and operations from a risk perspective— connecting individual risk disciplines and managing them in one centralized program. By using NAVEX IRM, the company’s CISO was able to assemble ISO/IEC 27001 controls, NIST SP 80053 controls and a custom NIST control family to form the company’s proprietary controls catalog. The company was also able to map controls to compliance mandates. The CISO accesses this feature when business requirements differ; for example, if one customer has a contract requirement while another customer requires the company to follow ISO, it’s all documented in NAVEX IRM.
运营影响
数量效益
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
相关案例.
Case Study
Vodafone Hosted On AWS
Vodafone found that traffic for the applications peak during the four-month period when the international cricket season is at its height in Australia. During the 2011/2012 cricket season, 700,000 consumers downloaded the Cricket Live Australia application. Vodafone needed to be able to meet customer demand, but didn’t want to invest in additional resources that would be underutilized during cricket’s off-season.
Case Study
SKT, Construction of Smart Office Environment
SK T-Tower is the headquarters of SK Telecom. Inside the building, different types of mobile devices, such as laptops, smartphones and tablets, are in use, and with the increase in WLAN traffic and the use of quality multimedia data, the volume of wireless data sees an explosive growth. Users want limitless Internet access in various places in addition to designated areas.
