Single source of truth transforms risk management for Equinix

Global internet connection and data center company Equinix is on a mission to track risk in one place. That’s a big undertaking for an enterprise with 240 data centers in 27 countries on five continents.

Toward that goal, Equinix needed a system that could map policy and compliance status across various organizations, as well as compliance and certification frameworks. It also wanted to capitalize on its existing technology investments, simplify workflows, and ensure a frictionless user experience.

Expanding on existing technology

Having already adopted ServiceNow IT Service Management (ITSM), the company had many compliance and risk management solutions in place, including user onboarding, offboarding, and API automation with its enterprise resource planning (ERP) systems.

Its ecosystem included integrations with ERP systems, databases, operating systems, and vulnerability scanners, along with security information and event management (SIEM) tools such as Exabeam and Splunk.

It made perfect sense for Equinix to choose ServiceNow integrated risk management products because they’re built on the Now Platform, which the company already owned.

Establishing one source of truth

For the past year, Equinix has been partnering with Edgile, a Wipro company and ServiceNow Elite partner, on its ServiceNow risk and compliance implementation. This includes policy lifecycle management, an IT risk register, controls, and assessment targets, with added risk statements linked to authority documents and control objectives from Edgile.

Equinix’s goal is to have a single source of truth for its risk and compliance program. The company wants its internal and external users to be able to input data once and use or repurpose it wherever needed in the organization.

The various business units will use the system as a single control center to oversee compliance across the organization, including the company’s top five risks and top 10 trending issues.

“Companies don’t know what they don’t know,” says Brian Rizman, partner at Edgile. “If you plan for a yearlong project, your business is going to change, and priorities will shift. I think the focus on foundations and starting to use the system early on is key. Equinix has done a really nice job with that approach to their GRC [governance, risk, and compliance] implementation.”

Moving toward global risk monitoring

Having a single source of truth makes it easier for Equinix to demonstrate compliance and be transparent with its customers.

Next, the company plans to onboard business entities and include human resources policies, IT policies, and IT standards. After that, each business unit, which has its own compliance and certification frameworks, will be onboarded.

Ultimately, the Now Platform will free Equinix from a siloed approach, providing a single pane of glass to assess risk across the company.

Watch our Knowledge session for more details: Managing third-party and supplier risk with ServiceNow VRM and IRM.

© 2022 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated.