Case Study: Susquehanna Bancshares streamlines risk management with DoubleCheck GRC and audit software

Integrating and Expanding GRC and Audit Systems Providing More Effective Risk Management at Susquehanna

Susquehanna Bancshares needed a more coherent way to manage enterprise risk, compliance, and audit across a highly regulated financial environment. After using disparate GRC and audit methods, the company turned to DoubleCheck Software’s GRC and audit platform, which it had already begun using for internal audit work, and saw an opportunity to extend it for Sarbanes-Oxley compliance and broader risk management.

DoubleCheck Software worked with Susquehanna to expand the flexible GRC platform into an integrated enterprise risk management system, translating audit and SOX terminology into a common risk language and consolidating data, controls, and reporting. The result was a unified inventory of controls, improved visibility into risks, faster access for management, and the ability to generate audit and SOX Section 302 documentation; the initial integration took eight months, with the GRC system then going live in 12 weeks, and the company is now extending the solution into vendor risk management.

Susquehanna Bancshares

Hobbs

Chief Information Security Officer