The changing insurance sector

The growing demands on modern corporate governance are making enterprise management more complex than ever. The expectations for higher efficiency often clash with:


  • Increasing regulatory pressure   
  • More interlinked global economy
  • Digital transformation
  • Higher requirements on management for transparency   
  • Internal and external motives for more transparency and
    traceability in decision-making


The insurance industry, in particular, is subject to fast-changing legal regulations and dynamic capital markets. The new EU data protection regulations or Solvency II with its mandatory “own risk and solvency assessment” (ORSA) are just two examples why companies need to take action in the areas of data protection and risk management. 


To address these challenges, insurance providers must develop processes and establish standards for modern, efficient enterprise management. Governance, risk and compliance (GRC) processes are taking on a more important role. 



Core responsibilities of top management 


GRC entails much more than individual processes such as an internal control system, compliance or risk management. It combines all capabilities that enable organizations to reliably achieve their goals, cope with uncertainty, and take action with integrity.


Establishing GRC processes and overseeing their ongoing development is one of the main responsibilities of top management – not only due to the clear benefits it can generate across the company. Andreas Wartenweiler, who as Director Risk Management was responsible for implementing an integrated GRC concept at the Swiss insurance company Helsana, confirms this: “Supporting and consulting the management team can lay a valuable foundation to build profitability, business value and corporate sustainability.”  


These types of processes generate synergistic effects, promote collaboration, and ensure long-term performance. GRC sets the guidelines for transparent, sustainable enterprise and performance management that weighs risks and opportunities to generate value. Companies with a comprehensive GRC concept also have more resources to utilize opportunities because they have a better understanding of the risks and contingent liabilities. 



Individual software solution

All companies want to differentiate themselves from competitors – in their market presence, product and service offerings, operational and organizational structures, but also their business and GRC processes. GRC software, therefore, must be very flexible in order to map the designated processes and grow with them over time.


As Director Risk & Compliance at the health insurance provider Visana, Bertrand Volken also served as project owner for the implementation of risk2value. He summed up the rollout as follows: “The specific customizing and configuration options of risk2value are outstanding. The tool has an intuitive design which makes it possible to make changes quickly and easily on our own. This was one of the decisive criteria that convinced us to choose [avedos as] the vendor.” 


Many insurance companies are taking the first steps in implementing integrated GRC projects. The Swiss insurers, Helsana and Visana, are pioneers in this field and use risk2value from avedos to map their integrated GRC approaches. At UNIQA in Austria, risk2value lays the foundation for information security management and enterprise risk management. Vienna Insurance Group also uses risk2value to map various topics in the field of IT governance. 



  • ICSInternal control system in the insurance industry
  • ISMSInformation security management in the insurance industry
  • RISKRisk management in the insurance industry
  • CMCompliance management in the insurance industry
  • VisanaCustomer reference, Visana

About avedos

We are driven by our belief that the sustainable success of innovative organizations is strongly influenced by a profound enterprise Governance, Risk and Compliance (GRC) strategy. As a vendor of GRC solutions, we center our efforts on enabling European companies to recognize GRC as a core value driver in enterprise management. As a partner, we support our clients to continually develop the maturity of their organizational processes.


Our software solutions enable the digitalization of GRC processes and anchor them efficiently within the organization. Our software platform risk2value builds a bridge between operational levels and top management by allowing them to link different GRC information across multiple business functions so that they develop a common frame of reference for transparent decisions on various management levels.


The largest and most successful energy providers, insurance companies, banks, telecommunication companies and retailers place their trust in us and run their GRC processes on the GRC platform risk2value.





Get in touch with our experts – personally or through our online contact form.
We look forward to hearing from you!

Romana Hanig



Romana Hanig
Sales & Account Manager

+43 1 3670876-136

Contact us