Automating the end-to-end audit process
Nexen looks for a more streamlined, efficient, and transparent audit process
As a major oil and gas company, NexenEnergy operates in a heavily regulated industry. That makes governance, risk, and compliance (GRC) a top priority. The company has to have strong business controls in place and needs to respond to multiple external audits every year.
However, Nexen was struggling with audits. According to Renato Cunha, IT GRC Analyst at Nexen, “We were caught between our external auditors and our internal business stakeholders. Our GRC team would receive hundreds of requests from auditors and assign them manually to control owners. We spent huge amounts of time in follow-up meetings, chasing down requests, and updating auditors with evidence. The whole process was incredibly time-consuming and inefficient. And, because we tracked everything manually, we didn’t have real-time, end-to-end visibility of our audit status.”
Nexen automates its end-to-end audit processes with ServiceNow GRC
Nexen decided its audit processes needed to be automated. The company already used ServiceNow® GRC Risk Management, so it made sense to use GRC Audit Management as well, leveraging a seamlessly unified solution built on the Now Platform®.
Now, external auditors simply enter requests into ServiceNow using an audit request form, and ServiceNow automatically routes these to the right control owners. Control owners respond with evidence, which is also maintained in ServiceNow. Auditors have complete visibility, tracking the status of requests and receiving responses directly in ServiceNow. This frees up Nexen’s GRC team to manage SLAs, handle exceptions, and enhance controls and processes.