
Case study

Automotive

CUSTOMER

A LEADER IN THE EUROPEAN MARKET.
OUR CUSTOMER IS AN ESTABLISHED AUTOMOTIVE COMPANY WITH OVER 30 YEARS OF CONTINUOUS IMPROVEMENT, SPECIALISED IN DEVELOPMENT, MANUFACTURING, VALIDATION, AND MARKETING OF PREMIUM QUALITY ELECTRONIC CONNECTION SYSTEMS FOR THE AUTOMOTIVE INDUSTRY AND PROVIDING CUTTING-EDGE PRODUCTS TO MORE THAN 20 OF THE BIGGEST AUTOMOTIVE ORIGINAL EQUIPMENT AND AFTERMARKET BRANDS AROUND THE WORLD.

THE CHALLENGE

Our customer is certified to ISO/TS 16949, which has been one of the automotive industry’s most widely used international standards for quality management. In 2016 the International Automotive Task Force (IATF) published IATF 16949:2016, which supersedes and replaces the current ISO/TS 16949.

While our customer is working on the transition from the ISO/TS to the IATF standard, the number of supply-chain compliance requests is increasing steadily (a trend currently observed in all markets). For instance, our customer has been requested to be assessed according to the Information Security Assessment of the Verband der Automobilindustrie (VDA), a regulation which builds heavily on ISO 27001/27002. Our customer is also obliged to comply with the EU General Data Protection Regulation (GDPR), and continues to be compliant with ISO 9001 while considering ISO 14001 certification.

THE SOLUTION

Our customer’s users have chosen and are using the GRC-Boxx solution (GRC = governance, risk management and compliance) to organise their compliance efforts efficiently. The selected compliance standards (IATF, ISO, VDA) have been imported, and the controls for their requirements are linked to each other where applicable. This has reduced the number of controls required for compliance by one third (1/3).

Controls are supported by “evidence” in the form of documents uploaded in the GRC-Boxx or links to other systems, registrations that need to be filled in, and procedures that have to be followed. The entire organisation can be involved in the process: tasks can be assigned as necessary and are monitored by the GRC-Boxx, which sends reminders and triggers the appropriate escalations if necessary. Sustaining a high level of organisational involvement is necessary when becoming or staying compliant in regulated business environments.
The GRC-Boxx offers additional functionality, like:
In addition to this, it is also possible to extend its functionality with your own process(es).