Control framework independent


Practical and modern design


Encryption, own subdomain, 2FA



YICE guides in the controls jungle

Import or create your own control frameworks,
ISO 27001, SOC2, ISAE 3402, ISO 9001, GDPR, NIST, ISO 27018 and other


Always an accurate compliance insight, so you can manage and adjust where needed


See and manage only the topics that are relevant for you


Manage your risks based on inherent, actual and/or net risk levels

Work together

YICE is a GRC platform that boosts collaboration! Give access to your security officer, auditor, CEO, system administrator, risk manager and external supplier. Every YICE user will be provided with the access rights needed to see and do what is part of their work. Nothing more, nothing less.


Configure your own colours for risk levels, risk/control alert criteria, professional jargon for control maturity levels, logfile retention period, authorization roles and privileges, etc. YICE can be tuned to your specific demands, without the need to hire expensive consultants.


YICE doesn’t dictate but supports your PDCA-cycle. Define your assets, issues, threats, risks, controls and objectives. Execute the risk treatment plan according to your own schedule and priorities. Evaluate control (framework) effectiveness and act upon it. YICE will guide you via intelligent monitoring and alerts. You can receive daily or weekly e-mails with topics that need your attention.

Document upload

Upload your own documentation, e.g. policies, processes and ISO certificates of your third-party suppliers. Documents can be linked, fully encrypted, to individual items. And if you are more reassured to keep certain information on your own environment, then simply refer with hyperlinks to your documentation on Confluence, Sharepoint, Wiki or network shares.

Test once, comply to many

In YICE you can link controls to multiple control frameworks. For example, you can indicate that ‘making back-ups’ is an ISO 27001, GDPR and SOC2 control. In this way, the audit process can be carried out effectively and efficiently.

Import and export

Import control frameworks, your risk register, assets, improvement actions, etc. In addition, you can download reports (PDF) in every module, and make exports to Excel. This can be useful, for example to enrich your data or import certain information into Power BI.

Benefit from 35 years of experience

YICE is build from practice and the daily challenges of specialists in several industries



Watch the YICE demo video



Security comes first

To secure your information, is our first priority

Security and continuity features

  • Fully separated client environment (own subdomain: ####.yice.nl)
  • Secure connection (HTTPS with class-leading certificates)
  • Two factor authentication (app or email)
  • Full database encryption
  • Exhausive logging on user activities
  • Role Based Access Control (RBAC)
  • Managed VPS (SaaS) at Dutch hosting provider
  • Data in Dutch ISO 27001 certified datacenters (Tier3+)
  • Four different back-up strategies (VPS, subdomain, database and file)
  • Continuity of services (e.g. optional Escrow SaaS)
  • Exit protocol

Pentest report with detailled findings,
available for inspection

And much more, like client defined time-out period, log-file retention period, IP-whitelisting and password policies.

Transparant license model

Choose a license model based on your current needs. Easily upgradable with extra users, control frameworks and controls. Pricing is per year.



€ 2950

3 users

2 control frameworks
300 controls

4hrs free set-up support


€ 7950

25 users

10 control frameworks
1500 controls

8hrs free set-up support


Control frameworks


Years of experience