Case Study: Vipnet achieves sustainable SOX compliance with Software AG's ARIS Risk & Compliance Manager

VIPnet - Customer Case Study

Vipnet, a rapidly growing GSM operator in Croatia and part of the Mobilkom Austria group, faced a major compliance challenge when it had to meet Sarbanes‑Oxley (SOX) requirements. Although Vipnet already used ARIS for process management, controls were poorly defined, not mapped into process flows, and not tested, so the company needed a financially oriented approach to define significant accounts, processes, risks and controls and prove control effectiveness.

Vipnet used ARIS Risk & Compliance Manager (formerly ARIS Audit Manager) to map Major Classes of Transaction, define risks and controls, and plan, trigger and track testing (with a user-friendly Excel interface and import/export scripts linking data back into ARIS). The operational line took over testing and remediation, auditors accessed audit‑proof results directly, and by end of 2006 Vipnet had established effective internal control of financial reporting—achieving SOX compliance while gaining greater process transparency, leaner and better‑documented controls, reduced financial risk, lower maintenance and fewer audit interactions.

Vipnet

Nevenka Crneka-Čudina

Business Process and SOX Manager