Log In   |  Register Free Newsletter Subscription
Skip navigation
Zibb
Subscribe to Manufacturing Business Technology
FirstLight 
Email
Print
Reprints/License
RSS

Corporate responsibility: Use GRC systems to keep plants and suppliers in check

Karen Dilger, contributing editor (kadilger@comcast.net) -- Manufacturing Business Technology, 3/17/2009 8:23:00 AM MDT

Complying with governmental regulations is a time-consuming task with lots of paperwork and plenty of manual workarounds. Still another layer of knowledge is necessary to ensure suppliers are in compliance with certain standards.

Governance, Risk, and Compliance (GRC) systems, which evolved out of the Sarbanes-Oxley Act of 2002, address these compliance issues—plus quality, policy, and procedure management. GRC solutions assist users with internal audits and self-assessment tools, and building risk profiles for suppliers.

“Companies use GRC systems to identify suppliers that are not following requirements,” says Philippe Tesler, a company VP for corporate responsibility solutions supplier Enablon. “The systems offer a complete view of supply chains. Performing audits on hundreds of suppliers would be extremely expensive. A GHC system can target which suppliers would be more likely to have compliance issues.”

Such issues range from international legal health and safety requirements and human rights regulations to local policies and general business ethics. “It’s important to be able to track code-of-conduct policies and high-level principals, ensuring that all processes are in line with a company’s business excellence framework,” explains Tesler. 

Enablon’s IRIS methodology seeks to implement a reporting and management solution for nonfinancial performance. Four key stages enable fast and effective solutions implementation.



Enablon’s system allows users to incorporate metrics and set thresholds that send triggers to operators or managers to take corrective action. “A target may be to reduce carbon emissions by a certain percent, or the number of product defects,” says Tesler. “Or users can view benchmarks and best practices to compare themselves with other companies.” 

STMicroelectronics, a Swiss semiconductor supplier, uses Enablon’s system for self-assessment as a part of its enterprisewide continuous-improvement program. The solution helps the company track, manage, and measure performance metrics throughout 120 of its facilities and departments. Scores are based on more than 300 indicators—e.g., communication, management commitment, policy and strategy, and leadership.

“We wanted to facilitate collecting and reporting our performance data,” says Veronique Livache, quality solutions director. “The Enablon system is Web-based and therefore accessed by everyone. The previous spreadsheet-based system was a nightmare since we had to merge the data from every site.” 

Self-assessment simplicity
GRC systems allow users to consider both statistical and historical analysis when documenting potential risks.

“A car manufacturer with a product defect may have a litigation risk since the defect could affect profits,” says Chris McClean, an analyst with Cambridge, Mass.-based Forrester Research. “There also could be reputational risks if there are recurring quality issues, which could cause a string of repercussions.”

Typically, companies run a quality risk assessment using probability analysis and sophisticated mathematical models, says McClean. Users can look at historical documentation, view potential risks, and run detailed scenarios.

“Most mature systems compare statistical results to historical losses to determine expected losses and how to mitigate risks,” says McClean. “They might say, ‘If we spend a certain amount, we can reduce our expected loss by this amount.’ ”

GRC evolved naturally from Sarbanes-Oxley as the need for greater capabilities grew for quality management, workflow, regulatory reporting, policy and procedure management, and risk self-assessment. According to McClean, companies want to be able to set policy and record deadlines as well as run compliance reports and track suppliers on quality and delivery times.

In certain vertical industries with strict governmental regulations—such as pharmaceuticals—GRC systems work together with OSHA and environmental health and safety regulations. Most manufacturers have a quality management system in place, however a good GRC system will enhance it and assist with regulatory compliance reporting, says McClean.





Email
Print
Reprints/License
RSS
Talkback
Sponsored Links
Reed Business Information Resource Center

Featured Company

Most Recent Resources

Advertisement

Related Microsite Content

Related Links

Advertisement
Wonderware
NEWSLETTERS
Mid-Day Report
Innovation Strategies
Intelligent Manufacturing
Lean Enterprise



Please read our Privacy Policy

About Us   |   Advertising Info   |   Site Map   |   Contact Us   |   FREE Subscription   |   Affiliate Links   |   RSS
© 2009 Reed Business Information, a division of Reed Elsevier Inc. All rights reserved.
Use of this Web site is subject to its Terms of Use | Privacy Policy
Please visit these other Reed Business sites