Download PDF
Mobile Messaging Company Outgrows Manual Regulatory Compliance
Technology Category
- Application Infrastructure & Middleware - Data Exchange & Integration
Applicable Industries
- Telecommunications
Applicable Functions
- Business Operation
Use Cases
- Regulatory Compliance Monitoring
Services
- System Integration
The Challenge
A mobile messaging company was in hyper-growth mode but needed to mature its compliance program to keep pace with a growing list of regulations and B2B customer demands. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company’s startup culture made things harder, because it thrived on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style. While that culture could thrive in a small startup environment with few compliance mandates, the company had become a subsidiary of a publicly traded company and counted four of the top 10 global brands as customers. Meeting even basic business requirements was becoming impossible to manage using manual processes like spreadsheets.
About The Customer
The customer is a major mobile messaging company that was in a hyper-growth phase. The company had become a subsidiary of a publicly traded company and had four of the top 10 global brands as its customers. The company had to comply with 173 contracts, 254 regulatory mandates, and 9,700 contract demands. The company's culture was based on tribal knowledge, undocumented processes, and a shoot-from-the-hip management style, which was becoming increasingly difficult to manage as the company grew and the number of compliance mandates increased.
The Solution
The mobile messaging company selected NAVEX’s governance, risk management, compliance (GRC) platform, NAVEX IRM, for its capabilities in integrated risk management (IRM). NAVEX IRM enables organizations to gain a comprehensive view of their business and operations from a risk perspective— connecting individual risk disciplines and managing them in one centralized program. By using NAVEX IRM, the company’s CISO was able to assemble ISO/IEC 27001 controls, NIST SP 80053 controls and a custom NIST control family to form the company’s proprietary controls catalog. The company was also able to map controls to compliance mandates. The CISO accesses this feature when business requirements differ; for example, if one customer has a contract requirement while another customer requires the company to follow ISO, it’s all documented in NAVEX IRM.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Vodafone Hosted On AWS
Vodafone found that traffic for the applications peak during the four-month period when the international cricket season is at its height in Australia. During the 2011/2012 cricket season, 700,000 consumers downloaded the Cricket Live Australia application. Vodafone needed to be able to meet customer demand, but didn’t want to invest in additional resources that would be underutilized during cricket’s off-season.
Case Study
SKT, Construction of Smart Office Environment
SK T-Tower is the headquarters of SK Telecom. Inside the building, different types of mobile devices, such as laptops, smartphones and tablets, are in use, and with the increase in WLAN traffic and the use of quality multimedia data, the volume of wireless data sees an explosive growth. Users want limitless Internet access in various places in addition to designated areas.
