Download PDF
Achieving Sustainable SOX Compliance at Vipnet
Technology Category
- Application Infrastructure & Middleware - API Integration & Management
Applicable Industries
- Telecommunications
Applicable Functions
- Business Operation
Use Cases
- Regulatory Compliance Monitoring
- Process Control & Optimization
Services
- System Integration
- Software Design & Engineering Services
The Challenge
Vipnet, a leading GSM operator in Croatia, was required to comply with the Sarbanes-Oxley Act (SOX) as part of the Mobilkom Austria group. The compliance required making business processes transparent and proving the efficiency of its internal control system. However, the company faced several challenges. Controls weren't specifically defined and couldn't be mapped as part of a process flow, leading to insufficient process mapping. Additionally, controls weren't tested. The company needed a financially oriented approach to process management to become SOX compliant.
About The Customer
Vipnet is a leading Global System for Mobile Communications (GSM) operator in Croatia. Within a year of its establishment, the company became the leading GSM operator in the country. Vipnet is known for its progressive network expansion and continuous investments in development. The company attributes its success to a high level of international knowledge and experience in mobile communications and the enthusiasm of its partners. Vipnet is owned by Mobilkom Austria AG and is one of the most successful companies in Croatia.
The Solution
Vipnet used process management as a starting point and ARIS Audit Manager as the tool to support SOX implementation. The company organized the compliance project with strong support from top management. The greatest focus was needed in the areas of finance and support for Control Objectives for Information and related Technology (COBIT) requirements. Vipnet established an additional process view—the so-called SOX or MCOT view. Risks were detected and mitigated using appropriate controls. Control effectiveness needed to be proven by explicitly defined testing. Vipnet used ARIS Risk & Compliance Manager to support employees with this challenging task by planning, triggering, and tracking tests of Vipnet’s installed controls.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Vodafone Hosted On AWS
Vodafone found that traffic for the applications peak during the four-month period when the international cricket season is at its height in Australia. During the 2011/2012 cricket season, 700,000 consumers downloaded the Cricket Live Australia application. Vodafone needed to be able to meet customer demand, but didn’t want to invest in additional resources that would be underutilized during cricket’s off-season.
Case Study
SKT, Construction of Smart Office Environment
SK T-Tower is the headquarters of SK Telecom. Inside the building, different types of mobile devices, such as laptops, smartphones and tablets, are in use, and with the increase in WLAN traffic and the use of quality multimedia data, the volume of wireless data sees an explosive growth. Users want limitless Internet access in various places in addition to designated areas.