My main use case for MetricStream is for audit and risk management.

We utilize MetricStream for audit and risk management by developing risk dashboarding and risk library development, standardizing libraries across enterprise organizations where risk management, corporate audit, and other business units can all utilize the same system of record and libraries.

MetricStream's shared system works well across all business units by standardizing similar risks and controls that exist across multiple business units. For instance, IT risk management and information security risk management have overlapping risks and controls, but we standardize them into one centralized risk and control.

The best features MetricStream offers take into consideration all the elements of a full governance, risk, and compliance system from both risk management to corporate audit, being able to develop applications within the solution that meet our needs, having a degree of full customization, as well as reporting, utilizing Infolets and Info Centers to establish reports that may not typically be out of the box and are definitely value-added.

MetricStream's customization and reporting have helped my work significantly. Compared to other systems, we have had the ability to essentially write SQL code that allows us to develop a report in real time that gives us insight into various different KPIs or KRIs leveraged across the organization. In comparison to other systems where you might be limited on what you can develop a separate report on, most of the fields and data captured within MetricStream have been reportable.

A favorite aspect I have regarding MetricStream is a love-hate relationship. The record level security sometimes backfires in terms of configuration, but usually it is relatively easy to work around.

MetricStream has positively impacted my organization by reducing silos across the organization. Having a centralized risk library maintained by risk management allows the corporate audit team to shave time off annual planning and enables more audit work to be done by ensuring validity of risks and controls in the system to support audit testing.

Since implementing MetricStream, audit teams have shaved about two weeks off of annual planning across various teams, allowing audit departments of about 140 auditors across maybe 10 teams to squeeze in 10 extra audits, one audit per each team, if not additional testing.

MetricStream can be improved in several areas. Sometimes the overall flow of the application can seem a bit clunky, based on feedback from clients.

From my understanding and what I have heard from developers within MetricStream during my deeper use of the application, the application seems to have been developed within silos, and the interaction of certain applications internally could definitely be improved in terms of the overall coding that exists between applications within the solution.

The only improvement I suggest for MetricStream is to gather a collaborative think tank from several of the largest clients and compile feedback to prioritize suggested enhancements from multiple organizations.

I have been using MetricStream for a combined total of about six years.

MetricStream is mostly stable.

MetricStream's scalability is adaptable, though the biggest issue I have encountered with clients has been around upgrades that require re-implementing customizations to the out-of-box solutions after significant upgrades.

Customer support from MetricStream has been great. We had to engage with senior management from time to time, but they were responsive and quick in working through our issues.

Before MetricStream, we used Archer, Ideagen, and Thomson Reuters Paisley. We switched because MetricStream was much more robust.

I have not seen specific metrics on return on investment with MetricStream, outside of reducing silos and allowing time savings off of annual planning.

In terms of pricing, setup cost, and licensing for MetricStream, we did run into issues with insufficient licensing, but the ability to acquire new licenses was relatively quick and effortless.

Before choosing MetricStream, we did evaluate other options depending on the client. We chose Archer for one installation and Thomson Reuters for another implementation.

My advice for others looking into using MetricStream is to ensure collective representation from all business units that will be clients of the application across the organization. For example, in a bank, make sure you have audit, risk management, and other departments involved. I would rate this review a 7.