Domestic & General simplifies and speeds up compliance initiatives with SureCloud®
Founded over 100 years ago, Domestic & General (D&G) provides more than 13 million customers with product protection for their electrical appliances, by offering extended warranty services on behalf of many leading brands in the manufacturing, retail and financial services sectors. To develop and manage an ongoing Governance, Risk and Compliance (GRC) strategy, D&G recruited a Chief Information Security Officer (CISO), who in turn selected SureCloud to help deliver the strategy.
Numerous compliance challenges at D&G
With regulatory and trading partner compliance requirements increasing, developing a new GRC strategy was a considerable remit, particularly given the nature of D&G’s business – working with millions of customers and over 160 partners. “Companies need to seek and provide independent evidence that effective controls are in place to satisfy good governance, in order to secure current and future business,” noted Vince Pillay, CISO at D&G. “This translated to considerable challenges for our organization.”
A number of GRC initiatives were planned at D&G, including:
• PCI DSS compliance programme
• Supplier assurance
• Breaking down of GRC silos
• Creating a central version-controlled evidence repository
• Self-service capability for due-diligence questionnaires
• Centralising the capture and analysis of information, instead of sending out spreadsheets
• Making GRC a continuous, business-as-usual (BAU) activity
Like many organizations, D&G previously relied heavily on the use of spreadsheets to gather and store all compliance-related information, which posed a number of problems. “The limited manageability of spreadsheets and lack of centralized control made it difficult to devolve and consolidate information,” explained Pillay. “It was particularly frustrating having to then repeat many of the activities for other GRC requirements. We were crying out for a solution to make our GRC processes more efficient.”
Domestic & General was looking for a method to help it automate and coordinate all areas of compliance, which could also adapt to the evolving GRC landscape. Pillay and his team wanted a flexible solution that would maintain their existing processes as much as possible while delivering a rapid return on investment.
Find out how SureCloud solved this issue by downloading the full case study.
Learn more about SureCloud’s GRC Applications here.