• Internal Control Solutions:

    Stroomlijnt de documentatie van processen, risico’s en beheersmaatregelen en biedt het management inzicht via rapporten, dashboards, what-if simulaties en verbeterplannen.

    see_movie_on

  • IT-GRC Solutions:

    Al uw IT-gerelateerde processen kunnen worden beheerd met behulp van IT-GRC modules zoals COBIT, Informatiebeveiliging en Bedrijfscontinuïteitsmanagement.

    see_movie_on

  • Risk Management Solutions:

    Eenvoudig risico’s identificeren, analyseren en managen. Geeft het management inzicht via rapporten, dashboards, heat-maps, what-if simulaties en verbeterplannen.

    see_movie_on

  • Internal Audit Solutions:

    Ondersteund de auditcyclus door auditplannen te ontwerpen en beheren, veldwerk en auditevaluaties uit te voeren en auditrapportage te publiceren.

    see_movie_on

  • Open GRC Framework Solutions:

    Ontwerp uw eigen geïntegreerde risico en/of compliance raamwerken.

    Contact us

Mitsui Sumitomo Insurance Europe

Providing an integrated view of risk and reducing costs for managing
parallel Internal Control (SOX) and Internal Audit processes

Profile

Mitsui Sumitomo Insurance Co. Ltd. is one of the largest general insurers of the world with over £6.4 billion and assets of more than £41.4 billion. Its European arm, Mitsui Sumitomo Insurance Europe, provides integrated underwriting, risk management and claims management services in Europe and also services global clients of its parent company in Japan.


Background

Compliance, governance and risk management reforms that followed the corporate failures of the past decade have dramatically changed today’s business environment. The Sarbanes-Oxley Act (SOX), a landmark regulation, was intended to make the financial reporting of public companies in the US more transparent, thus avoiding Enron-style scandals in the future. Mitsui, like many organizations that are not (yet) subject to SOX provisions have begun to adopt and implement SOX on a voluntary basis. The European Internal Audit team together with management has responsibility for managing SOX compliance for the London Syndicate and all the European branches in addition to ongoing activity running Internal Audit reviews through out Europe.


Client Challenge

Mitsui began complying with SOX manually using Microsoft Office™ tools such as Excel, Word and Visio which required maintaining and updating numerous spreadsheets, documents and related reports across multiple business entities. Manual processes are prone to error or omission and aggregating paper based results across the enterprise proved inefficient. Their existing technology was highly reliant on centralized staff know-how, making it difficult to delegate responsibilities to the field and adding complexity to the compliance process. In addition, Mitsui recognized that many activities overlapped with their existing Internal Audit ongoing process which resulted in unnecessary cost.


The Dynasec Solution: easy2comply™

Mitsui recognized the need to find an application that would help them achieve ongoing and efficient SOX compliance that would work in a more integrated manner with its Internal Audit activities.

After investigating market possibilities Mitsui chose easy2comply™, the Dynasec software application which provides a comprehensive GRC solution for managing multiple GRC processes in a single, integrated platform.

The software proved to be intuitive and quick to implement within Mitsui and used by many employees. The software provides all the functionality, workflow and management tools needed and can also be supplied with relevant best practice data.

The web-based software provides an all-in-one environment for both ongoing SOX compliance as well as Internal Audit. The solution can track, recognize and manage common controls across multiple processes and regulations and allow Mitsui to configure which information to share between the separate GRC functions. For example, easy2comply™ can allow the SOX testing results to be used as input to the Internal Audit Risk Assessment phase that determines the frequency of specific Audits.


Results

easy2comply™ provides a ‘state of the art’ solution for automating Mitsui’s SOX compliance and Internal Audit functions. The application enables a rationalized environment where all processes, risks and controls are managed in a single, non-redundant data model. The software reduces the time to compliance and increases overall efficiency by allowing Mitsui to hand over responsibility in the future for periodic control testing to the designated business process owners rather than forcing the centralized compliance staff to rely on external consultants. The system has addressed concerns over version control, which was an issue when using Excel/Word/Visio, and helped Mitsui spot discrepancies and inconsistencies between processes and documents.

“One of the unique feature of easy2comply™ is its ability to link controls between processes, thus enabling us to only update the results of our testing once for duplicated controls. This will be of increasing importance as our company grows seeing that the maintenance of multiple documents and numerous, overlapping controls is already unwieldy. The fact that the system can aggregate the underlying data into multiple report formats automatically saves us time compared to reproducing this manually for each process.”

[Martina Ryan & Christina Kim, Mitsui]