BDO Risk & Advisory Services increases efficiencies with “three lines of defence”

BDO Risk & Advisory Services increases efficiencies with "three lines of defence"
BDO Risk & Advisory Services increases efficiencies with "three lines of defence"

This case study explores how BDO Risk and Advisory Services in the Netherlands, use Ideagen’s Pentana software as a platform to engage with their insurance sector clients to provide outsourced Internal Audit and Risk Management services.

One of the major challenges facing BDO was that the previous technology did not address each of the core functions identified in the three lines of defence model, resulting in a fragmented approach to GRC. In particular, it was identified that risk and control environments needed to work more cohesively in order to maximise the operational benefits achievable through such a model.

John Hijmans, a Partner at BDO Risk and Advisory Services in the Netherlands office, explained this further: “The effectiveness in the cooperation of the three lines of defence was sub optimal. Without a software tool it was difficult to work together in the same formats and processes.”

This would result in documentation of an audit trail not being centralised, automated or concise for anyone. As a direct consequence, BDO realised how difficult this would make maintaining an up to date risk and control environment and the level of cooperation needed through collaborative working, to achieve the three lines of defence.

I highly recommend Ideagen’s Pentana, it provides a powerful tool for audit, risk and compliance departments and will certainly help us to become a better equipped and even more professional organisation.

John Hijmans, Partner, BDO Risk Advisory Services

John commented that: “Other software packages were considered, however Ideagen’s Pentana solution best matched our needs and expectations.”


  • Implements a consistent methodology compliant with international risk and auditing standards.
  • Simplifies global deployment with installation from a website and automatic updates downloaded without user intervention.
  • Optimises performance for use over a wide range of network speeds as well as working off-line to provide a true global working environment for GRC professionals.
  • Pentana can equally be used for Enterprise Risk Management, SOX compliance, investigations, Health and Safety or any application where risk assessment and centralised action tracking are required.

How did BDO increase efficiencies with “three lines of defence”?

The single most important benefit for BDO Netherlands was the ability to gain real-time insight into the risk and control framework. Furthermore, with Pentana, John explains: “There is a clear and well-structured process and insight into the audit trail.”

All of this has added value for BDO in three critical ways:

  • Risk Management, Compliance and Internal Audit can all work with the same tool, which leads to increased effectiveness of the three lines of defence
  • Reports can be easily generated, which aids communication to stakeholders and creates risk awareness.
  • GRC has become more visible, which aids better discussions and thereby functions as a powerful tool in decision making.

The flexibility and configurability of Pentana also makes life much easier for key staff, enabling users to customise areas such as terminology, segmentations (selection lists), audit universe, views, steps library and risks & controls library.

John Hijmans added: “We have found that most parts of Pentana can be tailored to meet our demands. Specifically, the options with views and the options with creating reports are very flexible.”

“Ideagen’s Pentana solution enables BDO Risk and Advisory Services in the Netherlands, to ensure that their customers’ three lines of defence work together more effectively. Additionally, improvements to the quality of key data, means that the client is better able to communicate its risk and control environment to stakeholders such as the Audit Committee and Board of Directors, leaving them feeling much more confident in their ability to measure the key risk and control metrics.

John Hijmans concluded: “I highly recommend Ideagen’s Pentana, it provides a powerful tool for Audit, Risk and Compliance departments and will certainly help us become a better equipped and even more professional organisation.

“Since our first implementation, we have already incorporated Pentana into other proposals because we see an added value in combining our own expertise with professional software that brings everything together nicely and makes the data more tangible.”

About BDO

BDO is a global top-five accounting firm providing independent assurance, tax, financial advisory and consulting services to a wide range of publicly traded & privately held companies.

Implemented by Sepia Solutions

Sepia Solutions implemented Pentana at BDO and trained the key users. We take care of the complete project from A to Z. This includes technicalinstallation, training of key users, automating reports and development of customisation with technical support afterwards.

No need to be left out

This success story clearly illustrates how the Ideagen Pentana software leverages the three lines of defence diciplines. Don’t be left out and allow us to organise on on-site presentation at your offices. No costs, no obligations only additional insights.

    Fill out this form to request an on-site presentation/demonstration.

    This success story was originally published in PDF format in February 2014.