How Carrier Developed a Comprehensive Aligned Risk Structure

In the latest installment of our Spotlight on Success series, Meghan Boyd (Senior Manager, Business Controls), Shawn Hafner (Director, Internal Controls), and Craig Hansen (Director, Digital Technology Audit) at Carrier Corporation share how they leveraged AuditBoard’s connected risk platform to develop a comprehensive aligned risk structure. 

Hear how this team empowered risk owners to see the results and impacts of their risks throughout the entire organization by switching from an inflexible legacy solution to AuditBoard, including:

• Leveraging AuditBoard’s connected risk platform to boost operational efficiency and empower risk owners to see the results and impact of their risks throughout the entire organization.
• Seamlessly implementing a new solution to allow their global teams to use the software with minimal disruption. 
• Connecting all of Carrier’s risk assessments into a comprehensive aligned risk structure.

What prompted Carrier to look for a new solution?

Craig Hansen (Director, Digital Technology Audit): “When Carrier became a separate entity from our parent company, our previous solution no longer worked. It was very customized and inflexible. We really needed something that we could quickly set up and implement in a short time period. We needed a solution that gave us the flexibility to redefine what our internal audit processes were, without discarding what worked previously.

We are a global organization with global audit teams. We needed a solution that allowed our team members in China, India, and around the world to be able to use the software with minimal disruption.” 

What were your main priorities when you started to use AuditBoard?

Meghan Boyd (Senior Manager, Business Controls): Our main priority was connecting all of Carrier’s risk assessments into a comprehensive aligned risk structure. That’s why we used RiskOversight. We used RiskOversight’s enterprise risk management process to house our entity-based risk assessment and to report and track those assessments. When you do an entity-based risk assessment, the risk owner should be able to see the results and impact of their risks throughout the entire organization. With AuditBoard’s parent structure, each risk owner can now see the results of their risk at every entity that we’ve assessed.”

How does AuditBoard help drive risk ownership for the business?

Shawn Hafner (Director, Internal Controls): “Driving risk ownership is an important step in the process. Issues and controls aren’t necessarily owned by internal audit. Instead, it’s the business and the end users who own the process, the controls, and the issues for remediation. Now, if people want to take a look at issues that are open, or specific to their particular environment, they can do so. What they see will now be consistent with what internal audit is looking at.” 

Meghan Boyd (Senior Manager, Business Controls): “Every single person assigned to self-assess a control, or that’s assigned to do SOX testing, is touching that control throughout the year. That applies to everyone throughout our organization across the globe. That brings an awareness to our organization that goes beyond anything I’ve seen at any other company.”