Link Consulting and a leading energy company partnered in a GRC journey across different business control functions. This journey included a GRC implementation to support the three lines of defence, including Risk Management, Internal Audit, Compliance, Cyber Risk and Internal Control. The project will support these functions in their daily tasks from risk assessment, to compliance management and internal audits, while providing valuable management information.
A truly integrated GRC approach enabled this leading energy company to break down silos by allowing business control functions to act together, sharing a common methodology, risk language and vital information.
A risk assessor may have at his fingertips information about controls managed by Internal Control, findings and recommendations managed by Internal Audit, threats and vulnerabilities of IT systems managed by Cyber Risk and compliance cases. All of these related to the risk he is assessing avoiding the exchange of countless emails and spreadsheets!
This increased risk awareness throughout the company will improve efficiency and productivity, while also ensuring traceability and accountability.
The GRC solution used was SAI Global’s BWise GRC platform. It assures a smooth management of the multidimensional risk framework through different organizational levels. It also provides a unique coverage of the business control functions within the scope and the possibility to extend to others in the future.
Traceability, a flexible profile/permissions model, and interface management were also key factors for the selection.
Link Consulting is the leading Portuguese GRC player. We have more than 20 certified consultants with a proved track record of projects implemented in more than 17 customers, including some of the major Portuguese companies and also Spanish, French and UK based companies.