Swiss GRC

Integrated risk, compliance and security management with the GRC Toolbox

In conversation with:
Mirko Hegi
Mirko Hegi
GRC Expert
Integrated risk, compliance and security management with the GRC Toolbox
PostFinance is one of the largest financial institutions in Switzerland and offers a wide range of banking services.
Company size
Risk Management
Information Security (ISMS)
Third-Party Risk Management (TPRM)
Internal Control System (ICS)
Data Protection Management
Business Continuity Management (BCM)
Contract Management
The collaboration was on an equal footing right from the start, thanks to mutual understanding on both a professional and human level - we speak the same language.

Find out how PostFinance uses our solutions successfully.

With the GRC Toolbox from Swiss GRC, PostFinance has implemented a central solution that makes it possible to fulfill external and internal requirements in the areas of risk management, internal control system (ICS), business continuity management (BCM), information security management (ISMS), data protection and contract management in a transparent, pragmatic and sustainable manner.

A key advantage of this solution is its high level of acceptance among users. The system offers user-friendly access to relevant information, automatically reminds users when tasks are due and ensures an appropriate escalation procedure. The implementation of workflows has made it possible to establish uniform and comprehensible GRC processes for all those responsible.

Another success factor is the consistent decentralized approach, which has firmly anchored the solution in the various areas of the company. The company originally began using three or four GRC Toolbox apps, but ten are now in use. This underlines the user-friendliness and success of Swiss GRC’s GRC approach.


  • PostFinance was looking for a modern GRC solution and found the best option in the GRC Toolbox from Swiss GRC.
  • The GRC Toolbox enabled PostFinance to efficiently meet the requirements in various business areas, with a particular focus on risk management and compliance.
  • The user-friendliness of the GRC Toolbox led to a high level of acceptance among users, who benefited from automatic reminders and easy access to relevant information.
  • Standardized and understandable GRC processes were successfully implemented.
  • The integrated approach has led to the solution being used successfully in various areas of the company.

Similar stories

Haben Sie Fragen zu unseren Lösungen?

Umfassende Digitalisierung Ihrer GRC-Prozesse mit einem Tool, das auf Ihre Governance-, Risiko- und Compliance-Anforderungen zugeschnitten ist.