Case study at-a-glance
- Background: Repower is an international energy company based in Switzerland.
- GRC Challenge: Find a software application that could address the needs of this large multinational organization in risk management, internal control and compliance and, at the same time, support the risk team to be more efficient.
- Solution: SAI360 GRC’s integrated risk management, internal control, and compliance and policy management solutions offered Repower extended capabilities through a new risk assessment approach.
- Benefits: Repower can now define risk structures since powerful workflows ensure correct data aggregation and provide a single risk language that helps them to present consistent and comparable data.
Although Repower is a multinational energy company, its risk management team is small. The team needed software that could address the needs of a large organization and at the same time support their efficiency.
For more than 100 years, Repower has been one of the largest providers of electricity in Switzerland. Repower has its own generation assets in Switzerland (hydropower), Italy (combined cycle gas power plant and wind power), and Germany (wind power). In its key markets, Repower operates along the entire energy value chain, from generation, trading, transmission and distribution to sales.
Repower sought to replace Excel spreadsheets with a software solution that enables them to collect and integrate all risk information and to manage work more effectively and efficiently. Another challenge was to share a unique approach to risk, internal control and compliance, that would ultimately result in a more transparent company and that can take advantage of a single view of their risk and control status.
Extended capabilities through a new risk assessment approach
After evaluating four other suppliers, Repower selected SAI360 for our long-time experience in the field. The SAI360 GRC platform offers role-based software solutions for risk management, internal control, internal audit, compliance and policy management, information security, and sustainability performance management. Each module supports the end-to-end processes of each discipline of GRC.
At Repower, the SAI360 platform that was implemented offered the company extended capabilities through a new risk assessment approach for company-wide risks as well as project-based and investment risks.
“The flexibility offered by SAI360 in determining measures and risk monitoring as well as the assessment capabilities aligned exactly to the configuration changes Repower needed. All this keeping the system user-friendly for the risk managers and other users,” commented the IT lead at Repower.
Benefits of the SAI360 solution for Repower
According to the company’s IT lead during the project, “We can say that the SAI360 implementation helped us to promote the risk and control culture in the company and enabled us to go deeper in the organization. For example, the risk management department now works with different levels of the line management.”
Repower can now define risk structures, since powerful workflows ensure correct data gathering and provide a “single risk language” that helps them to present consistent and comparable data to the management.
On top of this, the flexibility offered by SAI360 in determining measures and risk monitoring as well as the assessment capabilities aligned exactly to the configuration changes Repower needed. All this keeping the system user-friendly for the risk managers and other users.
The flexible reporting available within the SAI360 platform has given Repower’s risk team the opportunity to develop a solid and trustworthy in-house reporting environment. The company can combine bottom-up information with the top-down risk structures, which gives Repower enterprise-wide transparency.
The IT project lead noted, “I am confident that SAI360 can support us with future requirements. SAI360 offers a broad set of functionalities and has proven to be adaptable to our needs.”