Case Study: Steelcase achieves automated SOX compliance and saves 1,200+ audit hours with Symmetry's ControlPanelGRC

Steelcase Turns to ControlPanelGRC When GRC Requirements Increase 8x

Steelcase, a global workplace products company, faced a rapidly growing SAP estate (18 production clients and more than 60 systems including ERP, BW, SRM, PI and portals) and a sharp increase in Sarbanes-Oxley (SOX) reporting scope and granularity. With auditing requirements expanding from one to four major systems and data-detail requirements multiplying roughly fourfold — all while management forbade headcount growth — Steelcase could no longer rely on manual, error-prone report pulls and table searches. To address this, Steelcase selected Symmetry’s ControlPanelGRC to automate and standardize its GRC processes.

Symmetry implemented ControlPanelGRC (July 2010), automating some 80–90 formerly manual reports and adding tools like a weekly 90-day user‑ID audit and self-service password reset. The result: audit analysis that previously would have required an estimated 1,200–1,440 hours over six months now takes about 6–8 hours, effectively adding a full‑time equivalent without hiring, reducing control deficiencies, and enabling removal of a couple thousand unused ERP users (with further SAP license savings expected). Symmetry’s solution also improved data accuracy and visibility and is being rolled out to subsidiaries.

Steelcase

Ken Bailey

Senior Netweaver Administrator