Streamlining complexity for improved efficacy
"The Digital Manager 360 solution helped streamline our security processes through the use of workflow and automation, effectively elevating our technology GRC program through operational efficiencies, network integration and real-time visibility."
MANAGER, TECHNOLOGY GRC, AFLAC
At a Glance
When Aflac's global security team set out to revamp their technology governance, risk and compliance (GRC) processes, they embraced the opportunity to create an even stronger program through automation. Aflac needed greater visibility into technology GRC activities, as well as a single platform to improve document management and act as a central source of the truth accessible to all stakeholders. Digital Manager 360 was selected and implemented to improve transparency and accountability. It helped the Aflac global security team save on time and resources for a more intelligent approach to risk management.
Fortune 500 company Aflac, recognized globally by their popular Duck ad campaign, provides financial protection to more than 50 million people throughout the U.S. and Japan. For 62 years, Aflac's voluntary insurance plans have provided policy holders with peace of mind so they can focus on recovery, not financial stress, often paying eligible claims in just a day through its trailblazing One Day PaySM initiative.
Aflac has been recognized in Ethisphere's World's Most Ethical Companies list for 11 consecutive years. “You don't just appear on Ethisphere's list,” said Aflac Chairman and CEO Dan Amos, “you have to earn it, and ethics starts with good governance, a strong compliance program, and an overall desire to do the right thing for your customers and shareholders.”
Aflac's global security team relied on manual processes for technology GRC. Emails, spreadsheets, and network drives served as primary communication and file storage tools. While sufficient initially, these tools would not scale to support a more comprehensive global security management system for a broader and more efficient technology GRC program.
As Aflac began to strengthen its information security program, it identified critical pain points. The global security team wanted, first and foremost, to improve the accountability for stakeholders in the processes. They also wanted better visibility into past and ongoing technology GRC activities. Finally, a dispersed geography of stakeholders from North America to Asia required a combination of phone calls, emails, and meetings in order to remediate risk findings. This resulted in wasted resources and, more importantly, time - which was needed to focus on reducing risk.
Aflac, convinced of the need for improved efficiency, identified automation as both a solution and an opportunity to amplify and expand its technology GRC efforts.
To read the full customer success story and take a closer look at how Aflac capitalized on a technology GRC revamp, click below.
Shortly after implementation, Digital Manager 360 provided immediate return on investment. According to Anthony Raciti, Aflac's Technology GRC Manager, “[Digital Manager 360] helped streamline several of Aflac's security processes through the use of workflow and automation.” By reducing reliance on spreadsheets and emails to manage their remediation efforts, the Aflac technology GRC team improved accountability, visibility, and efficiency.
Aflac's impressive global security processes have been well-defined and codified. The strong foundation they already had in place gave them the ability to capitalize on the benefits of Digital Manager 360, including its Workflow and Digital Audit Trail. According to Raciti, “[Digital Manager 360] is attractive to us because it affords us the efficiencies over the manual processes we used to perform.”
As global security and GRC continue to mature, Aflac's global security team appreciates having a central repository for technology GRC documents and activities accessible to stakeholders, regardless of location and time differences. The team can do more with fewer people and resources. The team now also has the ability to collaborate with other parts of the business to identify and mitigate redundant risks through information-sharing.
Using Digital Manager 360, Aflac's technology GRC team reports key metrics, including:
- Number of security issues
- State of outstanding security issues
- Risk rating associated with each security events
- Policy and standard exceptions and approvals.
Why SAI Global
SAI Global's Digital Manager 360 is known by information security professionals and industry thought leaders as a cost effective and efficient path to IT GRC automation.
In lieu of the traditional vendor relationship, Aflac partnered with SAI Global to manage their IT GRC initiatives. When faced with the challenge of adapting Digital Manager 360 to conform to Aflac's unique processes, SAI Global worked hand-in-hand to find a solution that would support Aflac's current and long term goals.
Aflac was also confident in the software's ability to demonstrate immediate and long-term return on investment due to its out-of-the-box features as well as flexible functionality. Aflac deemed the Digital Manager 360 implementation team as diligent, experienced and hardworking.