The global provider of security technologies Giesecke+Devriant relies on the software platform risk2value.

G+D makes life safer for billions of people and strives to become the global leader in security technology for both the digital and physical world.


Payment: Secure physical, electronic and digital payment processes

Connectivity: Safe IoT connectivity for mobile devices

Identity: Identity checks and authentication of people and things

Digital security: Protection of classified data, communication channels and critical infrastructures


Fast facts*

  • 32 countries
  • 72 companies and joint ventures
  • 11,400 employees worldwide
  • 2.25 billion euros in revenues



From a fragmented system landscape to efficient risk management

The reporting process at G+D had become inefficient due to various IT systems and accompanying interfaces. Presenting the risk situation involved a considerable amount of manual work and coordination, and this information was only used to a limited degree in the decision-making process. As the requirements grew within its new group structure, G+D addressed these challenges head on and defined the following objectives for risk management:


  • Proactive, early risk detection
  • Efficient risk organization and processes
  • Continual monitoring and routine reevaluations


The main requirements for the software solution included:


  • Easy scalability for enterprise usage
  • Extensible GRC platform
  • Revision-proof archiving



"The ever-increasing globalization, stronger regulations and distributed value chains are raising the bar for transparent enterprise risk management."

Pia Burkarth, Corporate Risk Manager


Implementation of risk2value

At the end of a thorough selection process, G+D chose risk2value. The project phase kicked off with an analysis and design workshop. Here the project team profited from the vast experience of avedos and brought home several quick wins before implementing and integrating the platform risk2value. Eight months after its start, the project was rolled out.


Drivers for a successful project implementation:

  • Management buy-in across all companies and regular meetings of the steering committee
  • Early integration of all relevant stakeholder groups and GRC functions
  • Strong knowledge and awareness of effects on other strategic projects
  • Interdisciplinary project team
  • Start small, think big (GRC process with standard workflow and step-by-step enhancement)
  • Future development of the GRC platform


Planned enhancements in risk2value:

  • Information security management system
  • Project risk management
  • Internal control system
  • Compliance management



"We are confident to extend our GRC platform with additional domains in the future. With risk2value, we can individually add further processes in the direction of an integrated GRC."

Martin Gratz, Global Risk Manager Business Sector Mobile Security

Source:dpa/Frank Leonhardt