South Africa street

Photograph: Ingo Stiller / Unsplash

The situation

A major supermarket chain operating over 3,000 stores across 16 countries faced mounting challenges in managing operational risks and policy compliance at scale. The retailer's extensive geographic footprint and complex store network created significant control and coordination difficulties. Without a unified framework for risk management and policy oversight, the organisation struggled to maintain consistent standards and respond effectively to compliance requirements across its operations.

The retailer recognised that fragmented processes for managing operational risks, policies, and internal controls posed a material threat to efficiency and regulatory standing. The need to establish integrated risk management across such a large and dispersed network became a strategic priority.

The approach

In response, the retailer partnered with MetricStream, a provider of governance, risk, and compliance (GRC) solutions, to implement a comprehensive risk management strategy. The partnership centred on deploying four core MetricStream products: Operational Risk Management, Policy & Document Management, Internal Audit Management, and Business Continuity Management.

The implementation was designed to create an integrated enterprise risk universe linked to related controls—a framework that would allow the retailer to manage risks cohesively rather than through disconnected systems. This multi-product approach addressed the interconnected nature of operational risk, policy adherence, audit oversight, and business continuity planning.

What happened

The initial phase of the implementation was completed in FY 2023.

The rollout of the four MetricStream solutions delivered measurable improvements in how the retailer managed risk and compliance. The integrated platform streamlined previously fragmented processes, enabling more efficient management of operational risks and policies across the store network. By consolidating these functions into a single system, the retailer improved visibility into risk exposure and control effectiveness.

The implementation provided the retailer with a unified platform to track, manage, and respond to operational risks and policy requirements. This centralised approach reduced duplication of effort and created clearer accountability for risk management across the organisation.

The takeaway

The case demonstrates that large-scale retail operations benefit significantly from integrated risk management solutions. By implementing a cohesive framework linking operational risk, policy management, internal audit, and business continuity, the retailer enhanced operational efficiency and strengthened control mechanisms across its extensive network. For retailers managing complex, multi-country operations, deploying integrated GRC solutions can translate fragmented compliance and risk processes into streamlined, measurable control environments.

Key facts
  • Operates over 3,000 supermarkets in 16 countries
  • Implemented MetricStream's Operational Risk Management, Policy & Document Management, Internal Audit Management, and Business Continuity Management solutions in FY 2023
  • Aims to establish an integrated enterprise risk universe with related controls
Editorial note
Reported by Marta Brugos on July 2, 2026. Verified against: Retailer Accelerates Operational Risk Controls with MetricStream. For corrections, contact [email protected].