Philipp Kiencke
Author: Philipp Kiencke
connect on xing
connect on LinkedIn

New HighBond use cases improve risk management

Liability risks and cyber risks - in both cases, companies face high costs in case of damage. However, most damages are preventable with the right control systems in place. Two new use cases from HighBond now make it easier for you to control your IT security and evaluate your third-party management.

Increasing demands on IT risk management

86% of German companies have become victims of cybercrime in 2020, 16% more than two years earlier, according to a Bitkom survey. As the threats increase, so do the legal requirements for data security and data protection and the security efforts in companies. 

At least as important as the initial introduction of IT security measures at the technical, process and organizational level is the monitoring of these measures. However, many company groups still work with spreadsheet tools instead of using a central enterprise-wide platform to assess IT risk and compliance management. As a result, teams ensure their local compliance, but gather insights and implement improvements without sharing them across the company. This creates unnecessary redundancies and quality discrepancies that are avoidable with a centralized IT risk management system. 

Automation improves assurance and cost efficiency

Diligent, formerly Galvanize, provides with the new ITRM Bond a platform through which companies can carry out their audits for IT security centrally, largely automated and much more efficiently. 

All data relevant for risk assessment is brought together in the application. Users can thus control and monitor different use cases parallel to each other. With just a few clicks, they can create standardized audit trails and automate the necessary data analyses. This significantly reduces the time and cost of assessments. At the same time, the accuracy and traceability of audit results increases. 

The dashboard (storyboard) gives users a complete overview of the risk and compliance situation and allows them to visualize findings according to individual preferences and quickly prepare them for the next management meeting. 

Picture 1: Dashboard in Third-Party Risk Management

Supply chain law creates challenges for companies 

Another compliance challenge: the supply chain. Ensuring that all suppliers and partners comply with legal and internal company requirements is complex. In the future, however, companies will be able to afford even less negligence in auditing than before. The German government has passed a new supply chain law. It obligates German companies to ensure that they comply with human rights along the entire global supply chain. 

The focus is primarily on working conditions in poorer countries from which companies source raw materials: Child labor, discrimination and exploitation should no longer be supported by German companies. But the law also aims to strengthen responsibility for environmental protection.   Companies will therefore be required, among other things, to analyze human rights risks, take preventive and remedial measures and report on their activities. 

The law will only come into force in stages from 2023. However, as sustainable and ethical business practices are an increasing competitive factor, companies should adapt their processes sooner rather than later to meet the changed requirements.

Efficient and constant management of supplier risks 

To ensure that this does not lead to an increase of costs, HighBond's new third-party management offers a smart solution for managing supplier risks throughout the entire lifecycle of the business relationship - from on boarding, to assessment and resolution of issues, to performance monitoring and ongoing monitoring. 

The data collection process is fully automated: Users no longer need to drag data from various source systems, but can start evaluating it immediately. A predefined risk rating of suppliers speeds up decisions.

Numerous workflows and analyses are already pre-configured so that users are freed from repetitive preliminary work and can concentrate on the evaluation measures. One example of such relief is the sending of supplier questionnaires. With the help of intelligent automation, users send them out in a fraction of the time it used to take. At the same time, the system adapts further questionnaires based on initial responses. These adaptive surveys alone save an enormous amount of time.  

Picture 2: Supplier questionnaires

Do you have questions about the use of the new use cases or would you like to get to know the products in an online demo? Then please feel free to make an appointment for a no-obligation consultation.

Comments (0)
Be the first who comments this blog entry.
Blog login

You are not logged in. Please log in to comment this blog entry.

go to Login