Corporate responsibility: Use GRC systems to keep plants and suppliers in check

Complying with governmental regulations normally involves lots of paperwork and plenty of manual workarounds. Still another layer of knowledge is necessary to ensure suppliers are in compliance with certain standards. Governance, Risk, and Compliance (GRC) systems address these compliance issues and a lot more.<br/>


Complying with governmental regulations is a time-consuming task with lots of paperwork and plenty of manual workarounds. Still another layer of knowledge is necessary to ensure suppliers are in compliance with certain standards.

Governance, Risk, and Compliance (GRC) systems, which evolved out of the Sarbanes-Oxley Act of 2002, address these compliance issues—plus quality, policy, and procedure management. GRC solutions assist users with internal audits and self-assessment tools, and building risk profiles for suppliers.

“Companies use GRC systems to identify suppliers that are not following requirements,” says Philippe Tesler, a company VP for corporate responsibility solutions supplier Enablon . “The systems offer a complete view of supply chains. Performing audits on hundreds of suppliers would be extremely expensive. A GHC system can target which suppliers would be more likely to have compliance issues.”

Such issues range from international legal health and safety requirements and human rights regulations to local policies and general business ethics. “It’s important to be able to track code-of-conduct policies and high-level principals, ensuring that all processes are in line with a company’s business excellence framework,” explains Tesler.

Enablon’s IRIS methodology seeks to implement a reporting and management solution for nonfinancial performance. Four key stages enable fast and effective solutions implementation.

Enablon’s system allows users to incorporate metrics and set thresholds that send triggers to operators or managers to take corrective action. “A target may be to reduce carbon emissions by a certain percent, or the number of product defects,” says Tesler. “Or users can view benchmarks and best practices to compare themselves with other companies.”

STMicroelectronics , a Swiss semiconductor supplier, uses Enablon’s system for self-assessment as a part of its enterprisewide continuous-improvement program. The solution helps the company track, manage, and measure performance metrics throughout 120 of its facilities and departments. Scores are based on more than 300 indicators—e.g., communication, management commitment, policy and strategy, and leadership.

“We wanted to facilitate collecting and reporting our performance data,” says Veronique Livache, quality solutions director. “The Enablon system is Web-based and therefore accessed by everyone. The previous spreadsheet-based system was a nightmare since we had to merge the data from every site.”

Self-assessment simplicity
GRC systems allow users to consider both statistical and historical analysis when documenting potential risks.

“A car manufacturer with a product defect may have a litigation risk since the defect could affect profits,” says Chris McClean, an analyst with Cambridge, Mass.-based Forrester Research . “There also could be reputational risks if there are recurring quality issues, which could cause a string of repercussions.”

Typically, companies run a quality risk assessment using probability analysis and sophisticated mathematical models, says McClean. Users can look at historical documentation, view potential risks, and run detailed scenarios.

“Most mature systems compare statistical results to historical losses to determine expected losses and how to mitigate risks,” says McClean. “They might say,‘If we spend a certain amount, we can reduce our expected loss by this amount.’ ”

GRC evolved naturally from Sarbanes-Oxley as the need for greater capabilities grew for quality management, workflow, regulatory reporting, policy and procedure management, and risk self-assessment. According to McClean, companies want to be able to set policy and record deadlines as well as run compliance reports and track suppliers on quality and delivery times.

In certain vertical industries with strict governmental regulations—such as pharmaceuticals—GRC systems work together with OSHA and environmental health and safety regulations. Most manufacturers have a quality management system in place, however a good GRC system will enhance it and assist with regulatory compliance reporting, says McClean.

No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Additive manufacturing benefits; HMI and sensor tips; System integrator advice; Innovations from the industry
Robotic safety, collaboration, standards; DCS migration tips; IT/OT convergence; 2017 Control Engineering Salary and Career Survey
Integrated mobility; Artificial intelligence; Predictive motion control; Sensors and control system inputs; Asset Management; Cybersecurity
Featured articles highlight technologies that enable the Industrial Internet of Things, IIoT-related products and strategies to get data more easily to the user.
This article collection contains several articles on how automation and controls are helping human-machine interface (HMI) hardware and software advance.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Mobility as the means to offshore innovation; Preventing another Deepwater Horizon; ROVs as subsea robots; SCADA and the radio spectrum
Future of oil and gas projects; Reservoir models; The importance of SCADA to oil and gas
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me