GRC Success Story: How dnata Integrated Firm-Wide GRC Processes with MetricStream
- Audit Management
- 16 July 24
Introduction
At the recently held GRC Summit 2024 in Baltimore, David Story, Vice President Health, Safety, & Environment, dnata, provided the audience with a detailed overview of their GRC journey experience with MetricStream.
Dubai National Air Travel Agency (or dnata) was established in 1959 through a government decree. It set up its first international business in 1993. Gradually, over the years, it has seen significant growth across all its business units.
Here are the excerpts from David’s session on “dnata’s Integrated GRC Transformation”.
GRC Program Objective
David: Our foremost priority is safety and security. Through a series of SMART objectives, we're building a best-in-class, health, safety, and environmental system, or HSE ecosystem, as we call it. Over the next few years, up to 2027 and beyond, through our medium-term plan, we are striving for a best-in-class or world-class status, and central to delivering on that goal is the effective use of our GRC platform.
Within dnata, MetricStream is the product that we use, and we have done a number of modifications and upgrades through MetricStream over the years. We refer to it within the company as “dnatahub”, which is everything we do from a GRC perspective.
So, in terms of why GRC is so important to us -- central to that is our safety management system, or SMS. SMS is essentially the bedrock of everything that we do across four key pillars -- safety policy, risk management, assurance, and promotion. To be able to deliver on the requirements of our SMS, our dnatahub platform is absolutely central to achieving those goals.
GRC Journey with MetricStream
David: So, how has the dnatahub platform evolved over the last few years?
We're now into the 9th year of our partnership with MetricStream, beginning back in 2015 along with our “Global One Safety” initiative. The first pillar in that strategy was rolling out Incident Management, which allowed us to have one platform for reporting safety occurrences across local businesses.
In 2018, there was global expansion – we introduced new applications within dnata in addition to incident management and reporting.
In 2020, we started moving into the continuous monitoring phase, which saw the likes of our Documentation Management System (DMS). We also introduced surveys and inspection through the auditors. We would go out there and report safety hazards and threats to our organization. This was across all three of our operational divisions.
The beauty of DMS is that it can be accessed by any of our team in the world who got access to Office 365 accounts. Examples of a DMS document could be a global safety alert, a new manual, a guideline document, or a new operational standard. All of those are published through DMS and are automatically and electronically tested within the system as well. So, for auditing purposes, it's very, very efficient.
We also launched Observation Management as well. And, through Issue and Action Management we can assign tasks and actions to our businesses around the world.
We're now moving into Phase IV, as we call it, looking at how we scale up as we continue to build our business. We are currently two weeks away from the launch of the Euphrates upgrade as well.
We've built a very strong partnership with MetricStream, and we've now established a very strong governance model as well in terms of performance monitoring.
Business Value Realized
David: What's been key to success is keeping things simple. One of the worst things you can do in my role as a safety professional is over-complicate how you manage safety within your business.
In terms of just some numbers, we have got:
- 20,000+ documents hosted within the DMS platform
- 10,000+ mobile users (around 14,000 to 15,000 currently)
- 40,000+ audit and survey documents accessible within the platform
What gives me great confidence is 400,000+ observations. We actively encourage -- from our leadership level all the way down to the front line -- to report any unsafe behaviors and actions within our business. What we've seen over the last 2-3 years is a considerable increase in the number of safety reports within the business. So that leads to a much more positive and safety-aware culture.
Looking Ahead
Over the next few years, we've got some really interesting challenges coming our way. You would have seen the announcement about the new airport project in Dubai. The target is 2033 for the opening of the new terminal with a capacity of 250 million passengers a year. We already have that airport as we have for the last 10 years, and this will be a significant upgrade to be the world's largest international gateway.
We have two to three new businesses that are going to be coming online towards the end of this year, including a particularly large business in Italy. And it's essential that we look at how we scale up to meet that demand, because we could have potentially 3,000 to 4,000 users within dnata by the end of this year.
Also Read:
