IBM OpenPages GRC Services | GRC Consulting – iTechGRC

For a leading automotive supplier

Execute comprehensive, broad-scale risk assessments and take effective steps to reduce exposure

Client Profile

The client develops advanced technologies for transporting individuals and goods. They are a trustworthy partner, serving as an international supplier in the automotive industry, manufacturing tires and providing industrial solutions. They focus on delivering sustainable, safe, comfortable, personalized, and cost-effective transportation options. The corporation established a strong presence with sales amounting to €40.5 billion in 2016. The client has a workforce of over 220,000 individuals across 56 countries.

Project Overview

Being one of the foremost suppliers in the automotive industry, the client acknowledges that the journey toward success is fraught with obstacles and challenges. To ensure that their business overcomes these hurdles and reaches its goals, the company aimed to leverage IBM OpenPages to gain better comprehension and control over various risks associated with finance, compliance, product quality, and more. By identifying potential areas of vulnerability across all their global subsidiaries and developing practical strategies to minimize the threats, the client sought to steer clear of any potential business risks.


To mitigate business risk, large corporations are confronted with a wide range of challenges, from currency fluctuations to product recalls and natural disasters. To address this, the client is determined to understand risk exposure across its subsidiaries worldwide and implement effective measures to mitigate these threats.

Inconsistency in reporting: The client faced challenges in reporting consistency and coordination. Their subsidiaries offer extensive products, including tires and automotive components designed for various types of vehicles. The complexity of their product range results in specific departments reporting to different business units, leading to reporting consistencies.

Legacy systems: The client previously relied on different legacy systems and processes to evaluate global risk exposure. Each reporting unit assessed its risks and reported them to a central controlling function biannually. During this evaluation, they identified multiple areas for improvement, particularly regarding efficiency and standardization.

Tools consolidation: Additionally, the client aimed to consolidate their existing tools into a unified solution. Building upon this, their ultimate objective was to enhance their risk management culture by implementing a new solution.


After carefully evaluating solutions from multiple vendors, the client implemented IBM OpenPages Governance, Risk, and Compliance software. To ensure that essential factors are considered, the client established mandatory risks that all departments must consider and include in their assessments. The controllers perform tests to validate the accuracy of the self-assessments, and if they discover any underestimation of risks, they adjust the scores accordingly.

Pre-rollout feedback: Before the full rollout, the client conducted a pilot phase, during which end-user feedback was gathered and incorporated into the final application.

Customization for special reports: The solution was customized as needed, allowing for generating specialized reports. Furthermore, the client was upgraded to the latest software release before going live.

Dedicated hotline: As the project approached completion, the client conducted training sessions for their global user base on the new solution with the support of IBM. Following the go-live phase, a dedicated hotline was established to capture reports about OpenPages through the client’s general IT ticketing system. This proactive approach helped in promptly resolving any issues that arose.

Standardization in reporting: OpenPages provides a comprehensive risk library that assists users in categorizing risks and submitting reports in a standardized manner, with separate sections for quantitative and qualitative risks. The company continues to rely on bottom-up risk assessments as in the past. Initially, consolidation units such as plants and locations create risk assessments within OpenPages, which are reviewed and approved by a local risk officer.

Five layers of organizational approvals: The assessments from the consolidation units are subsequently sent to the relevant business units, which review and approve the inputs provided by the consolidation units while conducting their risk assessments. This process continues up to five layers of the organizational chart, with each layer given two weeks to complete their tasks.

Finally, the assessments are forwarded to the central controlling function, where the data is compiled and verified. Utilizing the integrated IBM Cognos reporting, the business generates a final report on global risk exposure for senior management. Within a year of deployment, the client successfully developed sufficient internal resources to manage the application independently.

Business outcome case study

Business Outcome

Opting for a comprehensive solution such as OpenPages proved to be instrumental for the client in effectively managing a wide range of risks encompassing operational, financial, compliance, legal, and quality-related aspects.

The adoption of OpenPages has yielded several significant benefits, including:

Lesser risk factors: A reduction of approximately 60 percent in the number of risk factors that teams are required to report on.

Reduction in irrelevant risk factors: Streamlined risk factor filtering, resulting in a 75 percent decrease in irrelevant risk factors and enabling quicker completion of reviews.

Process consolidation: Consolidating six distinct risk management processes and four different systems into a unified platform enhanced overall efficiency in risk management operations.

Why partner with us to implement IBM OpenPages solutions?

grc sl 1

Our GRC experts implement a bespoke strategy to effectively manage and monitor your third-party risks.

grc sl

With the help of our efficient methodology and deep knowledge of IRM best practices, we help you get a rapid return on your project and software investment.


Agile, Waterfall, or a combination of both - we discuss your requirements and suggest the best methodology for implementation.

grc implementation services

We work with your development team to make real-time adjustments to the OpenPages in your development environment by doing a gap analysis.


With the help of instructor-led 8-hours long training courses, we guide your implementation team through the OpenPages configurations.

Need help with a technology solution to meet your GRC objectives?

Learn how IBM OpenPages can be leveraged to manage and mitigate risk, enhance IT governance, and improve compliance. Schedule a call with our experts.