YICE

RISKMANAGEMENT AND COMPLIANCE MADE EASY

Flexible

Control framework independent

Functional

Practical and modern design

Secure

Encryption, own subdomain, 2FA

 

 

YICE guides in the controls jungle

Import, create and combine your own control frameworks,
ISO, NEN, BIO, DNB, FedRAMP, EBA, NIST and many other

Heartbeat

Always an accurate compliance insight, so you can manage and adjust where needed

Filter

See and manage only the topics that are relevant for you

Vigilance

Manage your risks based on inherent, actual and/or net risk levels

 

Work together

YICE is a GRC platform that boosts collaboration! Give access to your security officer, auditor, CEO, business managers, system administrator, risk manager and external supplier. Every YICE user will be provided with the access rights needed to see and do what is part of their work. Nothing more, nothing less.

Self-configurable

Configure your own colours for risk levels, risk/control alert criteria, professional jargon for control maturity levels, logfile retention period, authorization roles and privileges, etc. YICE can be tuned to your specific demands, without the need to hire expensive consultants.

Plan-Do-Check-Act

YICE doesn’t dictate but supports your PDCA-cycle. Define your assets, issues, threats, risks, controls and objectives. Execute the risk treatment plan according to your own schedule and priorities. Evaluate control (framework) effectiveness and act upon it. YICE will guide you via intelligent risk-based monitoring and alerts. You can receive daily or weekly e-mails with topics that need your attention.

Document upload

Upload your own documentation, e.g. policies, processes and ISO certificates of your third-party suppliers. Documents can be linked, fully encrypted, to individual items. And if you are more reassured to keep certain information on your own environment, then simply refer with hyperlinks to your documentation on Confluence, Sharepoint, Wiki or network shares.

Test once, comply to many

In YICE you have various options for linking controls from different frameworks. For example, you can indicate that ‘making back-ups’ is an ISO 27001, GDPR and SOC2 control. In this way, the audit process can be carried out effectively and efficiently and you will be able to answer compliance related questions from regulators, your customers and other stakeholders.

Import and export

Import control frameworks, your risk register, assets, improvement actions, audit results, etc. In addition, you can download reports (pdf) in every module, and make exports (csv). This can be useful, for example to enrich your data or import certain information into your datawarehouse.

Benefit from 35 years of experience

YICE is build from practice and the daily challenges of specialists in several industries

 

Security comes first

To secure your information, is our first priority

ISO 27001 certified

This means that the information security management system of YICE B.V. demonstrably meets the strict requirements of ISO 27001. We believe this is not only important for our hosting provider and the data centers, but also for ourselves. The ISO 27001 certification makes a significant contribution to the professionalism of our services and to customer confidence in the information security of the GRC platform YICE.

Security and continuity features

  • Fully separated client environment (own subdomain: ####.yice.nl)
  • Secure connection (HTTPS with class-leading SSL-certificates)
  • Two factor authentication (app or email)
  • Full database encryption
  • Exhausive logging on user activities
  • Role Based Access Control (RBAC)
  • Managed VPS (SaaS) at Dutch hosting provider
  • Data in Dutch ISO 27001 certified datacenters (Tier3+)
  • Four different back-up strategies (VPS, subdomain, database and file)
  • Continuity of services (e.g. optional Escrow SaaS)
  • Exit protocol

Fully automated pentests. Reports with detailed findings
available for inspection on request.

And much more, like client defined time-out period, log-file retention period, IP-whitelisting and password policies.

Transparant license model

Choose a license model based on your current needs. Easily upgradable with extra users and controls. Pricing is per year.

tekst

Business

€ 2950

3 users

max. 300 controls

4hrs free set-up support

Enterprise

€ 7950

25 users

max. 1500 controls

8hrs free set-up support

10+

Control frameworks

35

Years of experience

24/7

Availability

1.000+

Controls