Meet the 2023 Winners of the GRC 20/20 Best in Class Awards

3 min read


We have some exciting news to share. Two of our customers were recently awarded the 2023 GRC 20/20 Best in Class Awards for their outstanding accomplishments in enterprise IT GRC management and compliance management.

Congrats to Guidewire and Zurich Insurance on their much-deserved wins. We’re honored to be part of their journeys towards building successful governance, risk, and compliance (GRC) programs that accelerate business growth, strengthen resilience, and deliver high-value impact.

Here are these companies’ inspiring GRC stories.

Guidewire: Best in Class Enterprise IT GRC Management - Medium Enterprise

In today’s hyper-connected digital world, an IT risk in a seemingly insignificant area of the business can have a profound and cascading impact on the whole enterprise. Many organizations approach these risks reactively – putting out information security fires as and when they arise. But with security breaches increasing, it’s extremely important for IT teams to step back and think strategically about how to streamline resources and monitor IT GRC across interconnected information and technologies.

That’s exactly what Guidewire has done. The California-based solutions provider for insurers set out to replace their siloed and manual GRC program with true risk management processes aligned to business needs and stakeholder value.

The company began by implementing consistent risk assessments and metrics, establishing financially accountable owners for risks and issues, and developing an integrated GRC strategy with a cross-functional GRC steering committee. MetricStream was chosen as the GRC platform to manage policies, controls, compliance, risks (including vendor risks), and business continuity.

Using automation, Guidewire has sped up its risk management processes and reduced open issues by nearly 40%. Risk visibility has also improved, thanks to better reporting and regular cross-business communication. Issues no longer fall through the cracks, resources are deployed effectively, and resolution is tracked systematically through the MetricStream platform.

Since risk owners are clearly assigned, each one can move quickly in the case of an unexpected event. They communicate regularly through dashboards and continuously update views of risk and associated metrics. Unlike before, when they operated in silos, risk owners are now a connected team run on a single GRC platform.

All these efforts make Guidewire a true leader in IT GRC. 

Download the award-winning case study: Guidewire Optimizes Cyber GRC Risk and Compliance with MetricStream

Zurich Insurance: Best in Class Compliance Management - Large Enterprise

Today’s organizations are dynamic and constantly changing. They’re entering new markets, releasing new products, establishing new vendor relationships, and dealing with new regulations – all of which increase compliance risks. To mitigate risk exposure, organizations need to be proactive about monitoring compliance with legal requirements, regulations, policies, and ethics. That means moving away from the compliance silos of the past towards a more integrated approach that strengthens compliance visibility and agility.

Zurich Insurance has embraced this approach. The multi-line insurer, which serves over 210 countries and territories, has modernized and streamlined its compliance, policy, and risk management processes for optimal efficiency. 

Using MetricStream Compliance Management, the company has built a single source of truth to manage its entire global compliance operations. Automated and standardized workflows strengthen compliance efficiency. 

Meanwhile, a centralized compliance policy portal makes it easy for front-line employees to access the latest policies in a secure manner. The company has also streamlined policy creation, approvals, versioning, and discovery.

With real-time visibility into compliance risks and findings, teams can make more confident decisions. At the click of a button, they can see how risks are linked to controls, testing plans, and more. Dashboards and reports provide timely compliance insights, enabling the compliance team to more effectively meet its objective of providing trusted advice to the business. 

Even regulatory changes and updates are proactively captured and managed to ensure that the company is always compliant. This is what makes Zurich Insurance an award winner. 

Download the award-winning case study: Zurich Insurance Modernizes Compliance with MetricStream 

Congrats again to the award winners for setting new standards in GRC. It’s our privilege to work with companies that are finding innovative ways to thrive on risk, strengthen compliance, and demonstrate good governance.

Pat McParland

Patricia McParland AVP – Marketing

Pat McParland is AVP of Product Marketing at MetricStream. She is responsible for creating product messaging, product go-to-market plans, and analyzing market trends for MetricStream's compliance and third party risk product lines. Pat has more than 25 years of financial data and technology marketing experience at Fortune 1000 brands as well as startups and has led product and marketing teams at Dow Jones and Dun & Bradstreet. She has a BA from the College of William and Mary and lives in Summit, New Jersey.