Success Story

Implementing AdaptiveGRC – Internal Audit and Recommendations module



Financial Services



Company Profile

Bank Gospodarstwa Krajowego (BGK) is a state-owned national development bank whose mission is to support Poland’s social and economic growth, as well as to aid the public sector in achieving its goals.

As with any other bank, one of the key departments here is the Internal Audit Department (IAD), which is tasked with providing objective opinions and information about the Bank and its subsidiaries, independently assessing internal control systems, as well as performing an advisory role by giving recommendations for improving existing control processes and mechanisms and introducing new ones.

Additionally, IAD is responsible for monitoring known risks and the effects of corrective actions undertaken to eliminate them, and regularly reporting on these to the Executive Board, Auditing Committee and the Supervisory Board.


On completing an audit, the auditors formulate recommendations and pass them on to appropriate departments to implement. They are also responsible for monitoring these implementations and providing up-to-date progress information to the Executive Board as well as periodic status reports to the Auditing Committee and the Supervisory Board.

Before AdaptiveGRC was implemented these recommendations were entered after each audit into an Excel spreadsheet, which was then sent over to each department. In order to verify the implementation of these recommendations, e-mail communication was used, and the information it carried about actions taken, work completed and conclusions arrived at, was then described in separate documents. Obtaining complete information about the progress of post-audit recommendations meant editing the Excel spreadsheet by hand and necessitated team-editing the same file, which was not always possible.

Reports for the executive team were created manually, and at the end of the reporting period it was necessary to re-verify the completion status of each recommendation and create yet another Excel spreadsheet, which greatly added to the laboriousness of the process and was exceedingly time-consuming.

Monitoring the implementation of their recommendations was a challenge for the auditors, as it necessitated a tedious and prolonged process of acquiring and re-filing relevant status information via a series of e-mails and spreadsheets.

Key Benefits

Full control over current implementation and history of recommendations and audits

Up-to-date monitoring of implementation progress

Quick access to detailed information

Automatic notifications about status changes

Quote from main user of the application (Auditing expert)


The bank decided to implement the Internal Audit and Recommendation Management module of AdaptiveGRC as it deemed the system to be most suitable for its existing internal processes regarding this area.

The main goals of implementing the applications were:

  • to facilitate the monitoring of the progress of recommendation implementations,
  • to facilitate simultaneous work for a team of auditors,
  • to enable real-time access to the database of recommendations for bank employees at various levels, and
  • to enable reporting the progress of recommendation implementations to the Executive and Supervisory Boards as well as to the Audit Committee

Important functions of the Internal Audit and Recommendation Management module of AdaptiveGRC

The AdaptiveGRC application enables you to comprehensively manage all your audits and their recommendations. This includes initiating audits, passing on recommendations to relevant departments, monitoring, verification and reporting.

The fundamental functions of the system are:

  • logging information about each internal audit,
  • adding findings and recommendations to audits,
  • managing the implementation of each recommendation in accordance with a pre-defined workflow,
  • real-time monitoring of recommendation implementations,
  • closing reporting periods – status reports for recommendation implementations as of reporting period closing date,
  • recommendation implementation status reporting – reports of current statuses and statuses in selected reporting periods,
  • e-mail notifications on current statuses of recommendation implementations and possible delays sent to the auditing team, personnel responsible for implementing each recommendation, the Boards.


  • Auditors, management, the Board have quick and easy access to current and historical information related to audits and their recommendations, all in one place.

  • You can monitor in real time what stage each recommendation implementation is at, who is responsible for completing it, who made what changes and who participates in the verification process.

  • The app sends automated e-mail notifications about status changes, delays, and upcoming deadlines, which makes it possible for you to promptly react to the activity of relevant departments and teams.

  • Each user has access to current data and can work whenever they want thanks to the app’s simultaneous work capabilities.

  • The reporting function can show your information in its current status, as well as in each reporting period, and in ranges dependent on your system privileges.

  • All data is stored in one place, so it is very easy to check interdependencies.

Companies That Trusted Us: