Vienna Insurance Group harmonizes cyber resiliency across its companies Unifying methodology and technology to meet DORA requirements on a tight timeline
1 Platform consolidates data for easy access and reporting Improves security across the whole group in the best interest of customers 200 Users trained on the platform, methodology, and how to assess risk

Vienna Insurance Group (VIG) is the leading insurance group in Central and Eastern Europe, with more than 50 insurance companies and 30,000 employees in 30 countries. VIG adapts its insurance solutions to local and personal needs.

In 2023, the Digital Operational Resilience Act (DORA) took effect in the EU to harmonize cyber resiliency across the financial sector, replacing local, independent regulations. Given less than two years to comply, VIG needed to quickly adopt new technology and a single methodology across all its companies for a unified understanding of risk and criticality while keeping sensitive data segregated to protect confidentiality. By developing and improving operational resilience in this way, VIG acted in the best interests of its clients.
ServiceNow is a very stable platform that can support all the DORA requirements. I appreciate the integration of data in the solution. It saves a lot of time and effort. Karin Gubalova IT Risk Management Global Competence Center Team Leader, Vienna Insurance Group

VIG chose the ServiceNow AI Platform as the foundation and framework for its compliance program, replacing spreadsheets with a stable, feature-rich environment for their evolving needs. The group uses Integrated Risk Management to assess business application and IT services risks, and Third-party Risk Management for vendor risk assessment. To evaluate the threat landscape, VIG chose Vulnerability Response and Security Operations. IT Asset Management, previously implemented, integrates seamlessly with all the new modules for shared data. 

By unifying all activities and compliance data on ServiceNow, VIG saves time and effort and improves security across all its member companies. The group continuously onboards applications and vendor engagements and assesses based on the new methodology. VIG has already identified several previously undetected security gaps through the control attestation process and brought them to the attention of local management, improving security.

In the future, VIG plans to incorporate risks associated with business functions and increase visibility for higher management. The group will continue to evolve GRC processes and user experience over time to meet additional DORA requirements, confident that the ServiceNow AI Platform has the breadth of capabilities to meet these needs.
Share this story Products Used Integrated Risk Management IT Asset Management Security Operations Third-party Risk Management Vulnerability Response Customer Details Customer Vienna Insurance Group Location Vienna, Austria Industry Financial Services Employees 29,000
Integrated Risk Management Explore the solution that helps Vienna Insurance Group harmonize cyber resiliency across its companies. Watch Demo Connect with an expert Whether you need to streamline a process or develop apps fast, we're here to help. Contact Us
Recommended Stories View All Stories IT requests fulfilled in hours instead of weeks with ServiceNow Video CTA Know more ServiceNow platform puts customers first in Bertelsmann’s GBS transformation Video CTA Know more Kainos transforms customer service using GenAI with Now Assist Video CTA Know more