With 22+ million customers in 11 countries, the PARK NOW Group offers a suite of comprehensive parking management solutions. Under their four brands, PARK NOW, Parkmobile, Park-line and RingGo, they offer user-friendly mobile apps that simplify parking. With more than 155,000,000 parking transactions a year, being able to demonstrate compliance is key for the PARK NOW Group. That’s why Goverance, Risk & Compliance (GRC) plays a prominent role in their business.
Due to national and international laws and regulations and standards, the PARK NOW Group needs to demonstrate compliancy with e.g. ISO27001, PCIDSS and ISO9001. Therefore, a substantial portion of the overall organizational cost structure is allocated to the Risk and Compliance Dept. Their departmental (sub-)goal, demonstrating compliancy to external auditors, led to many manual, labor-intensive and inefficient tasks. This had a significant financial impact, but also increased the risk of non-compliance. This was related to missing evidence, as no central repository was available. The auditability of the PARK NOW Group closely linked to the visibility and availability of control (audit) evidence. Therefore, they needed an efficient, robust and reliable standardized process for control (audit) evidence collection.
We used the out-of-the-box Governance Risk & Compliance module in ServiceNow’s integrated Enterprise Service Management to automate the process of collecting all key control (audit) evidence documentation of the PARK NOW Group. Utilizing standardized GRC workflows, control attestations, indicators and the integrated Unified Compliance Framework (UCF), we have drastically reduced the operational risk of non-compliance. A single system of records, central repository of controls and control evidence has enabled the Risk and Compliance Dept to shift away from traditional, uncoordinated and inefficient means of communication (email, phone calls, Excel sheets, etc.). As a result, they are now a more efficient and value adding department.