Case Study: Roche consolidates global risk management with Sword GRC’s Active Risk Manager

Roche consolidates Global Corporate Risk Management with Active Risk Manager

Roche, a global healthcare leader in diagnostics and medicines, needed a practical way to consolidate risk information across many business units and affiliates. In 2007, it set up a new Group Risk Management function and chose Sword GRC’s Active Risk Manager (ARM) to replace a patchwork of tools and processes with a common platform that could support both enterprise and project risk while aligning with COSO and ISO 31000.

Sword GRC implemented ARM as a web-based, centrally managed risk solution that lets Risk Managers collect, score, review, and report risks consistently across the organization. The result was global visibility of Roche’s risk profile, a shared language and scoring criteria, improved communication through reports and alerts, and better decision-making with metrics such as KPIs and overdue risks tracked centrally.

Roche

Daniel Imhof

Risk Director