Pharmaceutical and medical device companies are in a unique space as organization are facing an increase in competition, payors are restricting reimbursement, and value chains are changing rapidly. 

Rigid corporate governance and internal control guidelines are the norm. Also, pharma and medical device companies must provide confidence to stakeholders that the organization is in compliance (e.g., Foreign Corrupt Practices Act, Health Insurance Portability and Accountability Act (HIPAA), etc. Together with banking, pharmaceutical and medical device businesses are probably where the highest fines for non-compliance exist. Given the potential consequences of non-compliance, a strong focus on compliance is obvious. Additionally, these businesses must demonstrate that risks are understood and actively managed, and that a sustainable process is in place. Centrally codifying the risk management processes and storing the data where it can be analyzed, evaluated, and seen in real-time has shown to have tremendous benefits.


Risk has a tendency of being managed in silos. For example, the evaluation of new products is done independent of functional support like information security, post-merger integration is an a priori evaluation, vendors/third parties and contract management organizations are assessed independently, and compliance remains burdened with timely updates and educating the business. We offer highly configurable point solutions to address these types of risk such as internal control, enterprise and operational risk management, vendor/3rd party management, and regulatory compliance. Moreover, our platform of solutions integrate to support your organization’s total risk profile via a common taxonomy, metrics/measures, approach, and reporting. This ultimately culminates in a complete overview of the business’ risks, supporting processes, and internal controls.


BWise’s solutions enable an organization to efficiently support its risk management programs. Our solutions provide the user with a user-friendly interface. This allows users to tailor the solution to their role, responsibilities, and accountabilities. It streamlines the information for the user to the most salient points and actions that are required. Dashboards provide real-time information on risk making risk assessments dynamic. This enables individuals to communicate quickly, coordinate ideas, and take action throughout the value chain process. External data feeds from vendors, cyber sources, and regulatory changes can be seamlessly integrated into the solution(s) and can be shared with the business, signals to update policies and procedures, or to reevaluate particular business risk topics. Reports on a corporation’s controls and its framework can be easily generated from the BWise solution and shared with stakeholders. This, for example, may be used to articulate the underlying risk processes and data to regulators. Regardless of the use, our solutions help codify risk management practices, allow for real-time views of the risk profile, and facilitate the construction of custom views of information to create efficient management and evaluation of risk.


  • Although anti-bribery regulations are not necessarily specifically focused on life sciences firms, the strong relations between research, the government and the business makes life sciences susceptible to bribe. It is of the highest importance that firms implement a strong policy management system, including regular training and policy attestation. This way firms can protect themselves top-down. It also necessitates implementing and sustaining a strong compliance monitoring system. This requires regular testing of controls as well as real-time data analysis. Strong integration with underlying systems, as well as PEP-lists, black-lists, etc. ensures that all payments to third parties are compliant, verified, and audited. The data integration and data analysis capabilities already help the world’s largest life science firm to stay on top of anti-bribery and fraud.

  • BWise has enabled Roche, the world’s largest biotech company and BWise customer, to enhance its efficiency and effectiveness of financial reporting and control processes across its global organization. This enables Roche to easily define, monitor, and mitigate its risks, based on both the global and the individual requirements of each business unit.

  • BWise enables the corporation to dive deep down into its data and focus on specific risks and controls and examine how they affect the overall enterprise. BWise provides a profoundly insightful and complete GRC solution by enabling executives and managers to take both a broad view as well as the underlying (deep dive) details needed to actively thwart unwanted exposures. 

To find out more, read how Roche implemented effective Corporate Governance for enhanced internal control over financial reporting or contact us to get a demo.

More Information

Related Content:

Case Study - Effective Corporate Governance at Roche for enhanced internal control over financial reporting.

Scroll up