- Corporate Security
- Governance, Risk & Compliance
- Information Security
Theresa Cody is the Director of Enterprise Risk Services behind Bangor Savings Bank, the 4 billion dollar savings and mortgage bank headquartered in Bangor, Maine. For Theresa, making the switch from Excel to Resolver wasn’t about establishing an ERM program—her team already had a process in place to manage risk to objectives. Their ERM program was working, but there was one problem; efficiency.
As Theresa explained, “It wasn’t possible to get everything done with the time we had available to us.” Furthermore, Theresa’s team knew they had COSO controls in place, but they couldn’t easily prove this or show that someone was taking action.
“We needed an ERM tool that could crosslink risk controls to activities and risks, automate follow up with risk owners, and easily produce high-level summaries of where we stand on risk to our objectives,” states Theresa.
Resolver helps Theresa and her team keep things fluid. “Assessments are now as near time as possible,” states Theresa. As they learn about risks from the audit team or their business lines, they can capture those risks and keep things fluid.
“Before Resolver, it took 10-16 hours to create a board report package,” says Theresa. “Now we can easily produce reports for them in the click of a button. This facilitates better discussion and saves my team up to 5 weeks of work per year.”
“Audit tracking with Resolver has brought us to another level,” states Theresa. “With Resolver, we know where we are at any moment. We can now say with ease that we have this many findings and this many are closed and we can even say what speed we are closing findings. We have tasks in place and know open tasks will be worked on. If we want to know what happened, we can easily see that too.”
“We also used Resolver to significantly improve the COSO process,” says Theresa. “It was near impossible without Resolver to manage COSO, but now it’s so simple we do it on a quarterly basis.” When the regulators ask Bangor Savings Bank to show them the controls that meet the COSO objectives, there is no fumbling around, they pull up a report in Resolver.
Resolver also helps Theresa’s team manage compliance. Business line managers share the status of compliance and quality assurance with Theresa’s team. “With Resolver, we can aggregate all compliance across business lines to create a board report that clearly shows the state of compliance,” says Theresa.
Bangor Savings Bank has also utilized Resolver’s incident tracking functionality to track incidents of suspicious transactions. Previously, suspicious activity incidents were submitted via email, and as we all know, things can easily get lost in email. “Anyone at the bank can log an incident and it’s tracked in Resolver, allowing us to connect incidents directly to risk,” states Theresa.
Like most ERM professionals, Theresa and her team strive to be seen as a trusted advisor to the organization. “The risk management team tends to hit roadblocks and people don’t understand that we are trying to help,” says Theresa. “The trouble is that business line managers don’t always understand that we have a global perspective and that we know things that can help the business line managers reduce the risk to their objectives.”
Email and spreadsheets made it difficult for Theresa and her team to be seen as relevant to business line managers. By switching from Excel to Resolver, Theresa says “we now we have about 20 business line managers attesting to the COSO controls that belong in their area and because we can capture them like this, audit can test them at least annually based on management’s assertions and the auditable evidence listed,” states Theresa.
This improved transparency has allowed Theresa and her team to demonstrate to managers how their requests positively impact their individual business lines.
“The Resolver implementation was fantastic,” says Theresa. “We had an excellent experience. The team delivered everything we asked for.”
As Theresa states, “there are not many people better than Julia and Kevin.” Julia and Kevin are the Resolver Professional Services Consultants that implemented Resolver at Bangor Savings Bank.
All too often, risk managers find themselves deep into the weeds of risk assessments. This inefficiency continues until one day they realize they spent so much time on one risk assessment that they can’t possibly get to the next one.
By implementing Resolver, Bangor Savings Bank has prevented themselves from getting lost in the weeds, transforming risk management into an efficient and fluid process. Theresa and her team now have the time to ensure Bangor Savings Bank is “touching everything and has an understanding of the risk and controls, and that they are managed and communicated,” says Theresa. Focus on efficiency and efficacy will follow.
Since implementing Resolver, Theresa and her team have: