YICE, the versatile and affordable no-nonsense GRC solution, is making good progress.

Later this year it will be possible to manage multiple administrations within one YICE environment. Useful for:
✔️ concerns with multiple subsidiaries. Each subsidiary manages its own assets, risks, controls, actions and objectives. And you can consolidate information to corporate level.
✔️ consultants who manage an ISMS for multiple clients. Within one YICE environment you can quickly switch between different customer environments and you can give your customer access to their own administration.

Of course, with YICE you can still perfectly manage only one ISMS and easily demonstrate during certification that you meet the ISO 27001 requirements and your own requirements.

In addition, YICE also remains suitable for heavier work. Linking ISO, DNB, BIO, ISAE, SOC and many other controls in parent/child relationships. With this you give substance to the principle of ‘test once, comply to many’ and you can easily prove compliance to customers and regulators. You can give external auditors access so that they can record their evidence-based audits directly in YICE. This way you can easily and quickly link improvement actions to non-conformities.

Take the first step to switch to YICE and get in touch today. We help you with the conversion of your existing administration. And you can continue to use your familiar document management system. YICE easily connects with SharePoint, Confluence and other systems.

ISO 27002 has changed and that will also have consequences for ISO 27001.

The familiar set of Annex-A controls is being overhauled. From 14 to 4 chapters and from 114 to 93 controls. Attributes are also added for each control, such as #corrective or #integrity. Many old controls are reflected in the new standard, but controls have also been merged or are completely new.

YICE is fully prepared for the new standard, including the control attributes. Moreover, it is easy to make links between the old and new standard. This certainly comes in handy in a transition period. The advantage of the control attributes is that they can also be used in YICE to quickly find suitable controls for a certain risk, which saves a lot of searching. Useful!

Sooner or later the changes will have an impact on your ISO 27001 implementation and certification. Perhaps a good time to move to a robust GRC environment, such as YICE.

Curious? Let me know and we’ll make an appointment!

Time for a party! YICE B.V. passed the BSI control audit on 2 February and has been in possession of the ISO 27001 certificate for 1 year. We are doing everything we can to continue to offer our customers a secure GRC environment in the coming year!

Grateful and proud that we were able to double the number of YICE customers this year. With even more passion we will continue on the chosen path in 2022: Offering a smart, no-nonsense and affordable GRC platform.

YICE B.V. is represented with its own booth during Tech. Business Accelerate (TBX), formerly the Infosecurity Data & Cloud Expo. This event will take place on November 3 and 4, in the Jaarbeurs in Utrecht, The Netherlands.

Would you like to discuss your GRC challenges? Are you wondering what the added value is of GRC software compared to Excel? Would you like to have a handy cotton YICE shoulder bag or just drink a nice cup of coffee? You are most welcome at the YICE booth! Please let us know if you would like to receive a personal invitation link, which you can use to register for the event for free

ISO, GDPR, CIS, NIST, DNB, EBA, Fedramp, Wwft, NEN, BIO ,,… do you still see the controls through the jungle of control frameworks?

The demands of customers and regulators seem to be increasing every day and are often overlapping. How can you demonstrate that you meet all the requirements? With an ISO certificate? With an ISAE 3402 report? A SOC2 report? A right-to-audit? A combination of these? And how can you set up an effective and efficient control process, without checking the same subject 3 times? And how and where do you record the results?

If you can relate to these challenges, you have probably outgrown MS Excel as a registration tool. You need one central GRC system in which you can record all requirements and that supports you in your compliance challenges. A system that also anticipates new requirements from stakeholders, which can change on a daily basis; ClientA requires an encrypted database, clientB requires a backup twice a day and clientC wants an extra strong SSL certificate. Help!

Fortunately, the solution is nearby: YICE, a versatile, practical and affordable choice. And security comes first, YICE B.V. is also in possession of an ISO 27001 certification.

Shall we schedule a (virtual) meeting to brainstorm about your GRC challenges? I would be happy to give you a YICE demo right away.

I am proud to announce that YICE B.V., after months of intensive preparation, today received the ISO 27001 certificate from BSI. This means that the information security management system of YICE B.V. demonstrably complies with the strict requirements of ISO 27001. This certification contributes greatly to the professionalism of the service and to customer confidence in the information security of the GRC platform YICE.

For the further development of the GRC platform YICE, I have a nice internship assignment in Amersfoort for a UX/UI designer. The exact interpretation and planning are flexible. If you are or know someone who might be interested, please do not hesitate to contact me.

YICE B.V. considers its information security as crucial. For this reason, it was decided to certify the information security management system of YICE B.V. against the international ISO 27001 standard. The certification will be performed by BSI and will take place in December 2020 (phase 1) and February 2021 (phase 2).

Agile auditing. A nice buzz word that only becomes meaningful when you interpret it. For example, do you annually conduct a static audit program or does audit follow the heartbeat of the organization? In YICE, the principle of agile auditing comes to life through active & intelligent monitoring. After all, a good GRC tool has “itself” insight into current risk levels, the importance of assets, the effectiveness of controls, open non-conformities and current (improvement) actions. All important steering information when planning audits! Interested in a constructive discussion about agile auditing? Let us know and ask for a YICE demo!