“Our process of sending out Word ® documents, getting them updated and then transferring all the information into our database was not efficient at all.” — Kevin Rich, Senior Auditor at SaskTel
The Challenge
SaskTel had been using a combination of Excel ® spreadsheets and Access ® databases as their internal audit solution. All tracking and action items were being stored in Access databases and their audit team was forced to manually update the data. Similarly, when it came to reporting, the SaskTel team manually migrated information from the databases into a spreadsheet to present them to the Board or Executive Committee. SaskTel was looking for a solution that would provide them with necessary tools to better handle their internal audit process and something that would allow management to have access to their action plans.
The Solution
SaskTel chose to use Resolver’s Intelligent Audit, Risk and Compliance software: GRC Cloud. “We were looking for an internal audit that would put more information and responsibility into the hands of our clients,” said Kevin Rich, Senior Auditor at SaskTel. “Our process of sending out Word documents, getting them updated, then transferring all the information into our database was not efficient at all.” GRC Cloud provided the solution that SaskTel was looking for.
The Results
Accountability and Awareness
GRC Cloud’s biggest advantage for SaskTel’s Internal Audit department has been the Workflow feature, which puts the issues and action plans into the hands of the Control Owners and ensures they are responsible for updates and mitigation activities. This results in accountability and action. Workflow combined with Cloud’s drill-down Dashboards allow Senior Management and the Board to be aware of what the outstanding issues and risks are, how they are being dealt with, and the progress.
Flexibility
SaskTel was impressed by the ability to easily tailor GRC Cloud to their needs. GRC Cloud was built with flexibility in mind. This flexibility allowed SaskTel to establish their framework exactly the way they wanted it without being locked into a vendor’s view of how things should be done. Further, this flexibility allows the audit team to make changes on an ongoing basis, as their requirements grow and change.
Visibility
Using GRC Cloud, the SaskTel management team has direct access to audit issues, action plans and C-SOX controls. Similarly, the audit team has access to real-time information from across the organization that they can easily filter and use to create reports for themselves, Senior Management and the Board.
