Binary codes are raining down from a digital cloud with a lock inside.

Enterprise risk management for the Otto Group

T-Systems Alpine supports the Otto Group as competence center for governance, risk, and compliance

GRC solution risk2value offers greatest possible flexibility

Otto Group logo

In spring 2019, the Otto Group commissioned the digital service provider T-Systems Alpine with both the technical concept and implementation as well as the integration of a holistic enterprise risk management system (including ICS and compliance) in the T-Systems GRC cloud (governance, risk, and compliance cloud). The goal was to keep the use cases as lean as possible to enable a fast roll-out and onboarding of the users. A decentralized infrastructure was also connected – the GRC cloud. The risk2value software solution in combination with the GRC cloud allows the greatest possible flexibility through customer-specific configuration in the risk2value system standard. T-Systems pursued a dual consulting approach and combined specialist and technical expert advice. In order to provide the customer with the fastest possible results and greater freedom of adaptation, an agile implementation approach with a focus on core functionalities was chosen, which can be successively expanded with later roll-outs.

The cooperation with T-Systems Alpine was very constructive right from the start. The flexibility, quality of the results, and fast implementation particularly impressed us.

Andre Jacubczik, Manager Risk Management & ICS of the Otto Group

The challenge

Risk management takes place in many corporate groups, both in different systems and with different functions, and with a wide variety of processes, concepts, and use cases. The integration of all these areas is a challenge in itself, which the Otto Group has taken on with the “smartRISC” project. A consistent project team at T-Systems, consisting of specialists from the GRC area, worked closely with the Otto Group from the very beginning. T-Systems was the sole contact for communication and coordination with the customer. The close cooperation and regular exchange (weekly jour fixe, coordination both remotely and on site as required) was extremely important, as T-Systems was also responsible for the “knowledge transfer” and training of selected employees.

We look forward to your project!

We would be happy to provide you with the right experts and to answer your questions about planning, implementation, and maintenance for your digitalization plans. Get in touch!

The solution

Enterprise Risk Management lettering against a blue background with a map of the world.

The software risk2value from Austrian software company avedos formed the basis of the project. With the GRC cloud, T-Systems Alpine offers a unique solution and is thus the competence center for the GRC field within T-Systems International as well as within the DTAG group. T-Systems was chosen after a tender and two-month test of a prototype (Proof of Value – PoV), which proved the feasibility of the Otto Group’s specific requirements. Decisive factors for choosing T-Systems included its extensive expertise in the field of the GRC cloud and a range of reference customers such as Wienerberger AG and Wiener Städtische Versicherung AG. In order to meet the specified deadline, the minimum viable product of the enterprise risk management system was implemented by the GRC team within a demanding timeline. The launch of the first wave of enterprise risk management at the Otto Group took place in July 2019, and the first data collection in the Group was successfully completed at the end of August. One decisive success factor was the involvement of the relevant stakeholders in the solution development process from the very beginning: early onboarding of the users created a high level of acceptance.

Good communication is crucial for success

Above all, the individual and intensive support led to high customer satisfaction. The Otto Group and T-Systems are currently working on the expansion of the existing service scope, which will also involve further development of the tool. The extension includes additional and complementary GRC modules, as well as an expansion of the solution for certain parts of the Group. After a successful launch, work will continue on the further development and expansion of the ERM system “smartRISC” in the GRC cloud. Information security risk management (ISRM) has already been made possible by the GRC team in cooperation with the respective project teams and stakeholders at the Otto Group. Further areas of application are currently being examined. The challenge here lies in particular in the evaluation and identification of cross-functional/module synergies and the development of coordinated, integrated solutions based on these.

About the Otto Group

The Otto Group is a German trading and services group based in Hamburg and, with online revenues of EUR 7.7 billion, is one of the world’s largest online retailers. Its portfolio covers the entire retail spectrum from toy stores to SaaS providers and open-commerce platforms. With around 52,600 employees, the Otto Group is present in more than 30 countries in Europe, North and South America, and Asia. The activities of the Otto Group are divided into three divisions: multichannel retail, financial services, and service. The goods and products are offered through e-commerce and over-the-counter retail channels.

To the customer’s website

Do you visit t-systems.com outside of Germany? Visit the local website for more information and offers for your country.